Security and Public Safety Can ICT Help?: March 2009 Issue

ASIA’S FIRST MONTHLY MAGAZINE ON E-GOVERNMENT

INTERVIEW

M L Kumawat Director General, Border Security Force, Ministry of Home Affairs, Government of India

IS S N 0 97 3 - 1 61 X

VOLUME 5

| ISSUE 3 | MARCH 2009

www .e go v o nl ine . ne t

www.egovonline.net - Asia’s Leading Portal on e-Government

Security and Public Safety

Can ICT Help? INTERVIEW

COVER FEATURE

INTERVIEW

SK Chaturvedi CMD, Power Grid

Security is Prime

R P Sinha Dy. MD (IT), SBI

CONTENTS SPECIAL FOCUS: SECURITY

Security and Public Safety Can ICT Help?

www.egovonline.net Volume 5 | Issue 3 | March 2009

NEWS & VIEWS

Digvijaysinh Chudasma Vice President Sales, Cyberoam, India

INTERVIEW

Focussing on IT Capabilities M L Kumawat, Director General, Border Security Force, Ministry of Home Affairs, Government of India

Lizum Mishra India Director Business Software Alliance, India

Sandeep Budki and Tannu Singh

Checkmate Threats Bhaskar Bakthavatsalu, Country Manager Sales, India & SAARC, Checkpoint software Technologies Limited Tannu Singh

Rajiv Chaddha Vice President – Sales, VeriSign, India

Airport Redefined Francis Ranjan, Head – ICT, Bengaluru International Airport Sandeep Budki

Director – Wireless Broadband APAC Enterprise Mobility Government And Public Safety, Motorola Electronics, India

FEATURE

Security is Prime

Cyber Security: Pre-requisite in Cyber-World

Sandeep Budki

Tannu Singh

Benhur Mesfin

Amit Dudeja

Centre of e-Governance opens in DIT

DGM Tolling Operations Delhi Gurgaon Expressway

Securing Mobile Phones Nilakshi Barooah

INTERVIEW Towards emPOWERING India

S K Chaturvedi, Chairman and Managing Director, Power Grid Corporation of India Limited Nilakshi Barooah

e-Banks: The New Mantra R P Sinha, Deputy Managing Director (IT), State Bank of India Sandeep Budki

Lead a Change Joan McCalla, Distinguished Fellow, Internet Business Solutions Group, Cisco Ravi Gupta and Sandeep Budki

Events Watch

Executive Movements

CASE STUDY

33 34 ov

Effective Collection Processes Seamless Experience

Sign Off

Ask SAP

Read Articles & Interviews on ‘Security’ at www.egovonline.net/security January 2009

ov volume 5 | issue 3 | March 2009 PRESIDENT

EDITORIAL

Dr. M P Narayanan EDITOR-IN-CHIEF

Ravi Gupta

Towards Securing India

GROUP DIRECTORS

Maneesh Prasad Sanjay Kumar ASSISTANT EDITOR

Prachi Shirur SR. CORRESPONDENT

Sandeep Budki SR. SUB EDITOR

Nilakshi Barooah RESEARCH ASSISTANT

Tannu Singh MARKETING

Gautam Navin mobile: +91 9818125257 email: gautam@egovonline.net Debabrata Ray mobile: +91 9899650692 email: debabrata@egovonline.net SALES

Santosh Kumar Gupta mobile: +91 9891192996 email: santosh@egovonline.net Anuj Agrawal mobile: +91-9911302086 anuj@csdms.in SR. GRAPHIC DESIGNER

Bishwajeet Kumar Singh GRAPHIC DESIGNERS

Om Prakash Thakur Chandrakesh Bihari Lal (James) WEB MAINTAINANCE

Zia Salahuddin, Amit Pal SUBSCRIPTIONS & CIRCULATION

Lipika Dutta (+91 9871481708) Manoj Kumar (+91 9971404484) EDITORIAL CORRESPONDENCE

National security has become the top agenda for the Government of India, especially after the 26/11 Mumbai attacks. Moreover, the bomb blasts in Jaipur, Bengaluru, Delhi and Guwahati has left us all questioning the national security and public safety of India. On the other hand, protecting digitised government data is also an uphill task. Government websites, networks and computers are at the receiving end of information hackers. February 2009 saw 600 computers of the Ministry of External Affairs (MEA) being hacked. The situation is even more grim, given the fact that the terrorists today are extremely techno-savvy. The mobile phones at our fingertips is also not spared the brunt. There are increasing number of threats on mobile phones and the confidentiality of data and information needs good amount of attention. In such times, it is not wrong to say that cyber security and physical security are two sides of the same coin and a worthy synergy between the two is the only solution to foster the overall national security of the country. The amalgamation of physical and virtual security is well recognised by the top security agencies such as the Border Security Force. They are well in tune to leverage the maximum benefits of Information and Communications Technology (ICT) for securing India. Today, technologies such as CCTV and surveillance cameras are equipped to monitor terrorists activities and other such threats. Even the Public Sector Units are not behind in this race, Power Grid has taken a lead in this regard. Also, the Indian banking industry does not want to be left behind as they have massively turned towards usage of ICT. This sector is even more threatened due to the ‘financial’ aspects attached with it. The e-Banks and m-Banks has to provide easy banking solutions without compromising upon the security of financial transactions. India’s e-Readiness rank has dropped to 113 in 2008 from 87 in 2007 according to the United Nations e-Government Survey 2008 – questioning our preparedness towards securing India through ICT. This issue of egov is woven along these lines and calls for debates and deliberations on the issue of securing and safeguarding India. Also, watch out for a special discussion on ‘Security and Public Safety’ in eINDIA, this August 2009.

eGov G-4 Sector 39, NOIDA 201301, India

Let us know how you enjoyed this issue of egov.

tel: +91 120 2502181-85, fax: +91 120 2500060 email: info@egovonline.net egov is published in technical collboration with Centre for Science, Development and Media Studies egov does not neccesarily subscribe to the views expressed in this publication. All views expressed in the magazine are those of the contributors. egov is not responsible or accountable for any loss incurred, directly or indirectly as a result of the information provided. Owner, Publisher, Printer, Ravi Gupta Printed at Vinayak Print Media, D-320, Sector - 10 Noida, U.P. and published from 710 Vasto Mahagun Manor, F-30, Sector - 50 Noida, UP Editor: Ravi Gupta

March 2009

Ravi Gupta Ravi.Gupta@csdms.in

INTERVIEW

www.powergridindia.com

TOWARDS emPOWERING India The POWERGRID portal acts both as the information portal as well as single platform for web service delivery. What other services are in pipeline? POWERGRID has adopted a multidimensional approach for empowering all users of its IT enabled services and facilities covering all its functional areas for the benefit of all stakeholders such as the Organisation, employees, government, clientsstate electricity boards and peer organisation, business partners/vendor community, citizens and society at large. The services which are in the pipeline are - HRD Information Management Services, HR Appraisal Information Management Services, Engineering Information Management Services, Library Information Management Services, Vigilance Information Management System, Contracts Information Management System and Rajbhasha Information Management System.

S K Chaturvedi Chairman and Managing Director Power Grid Corporation of India Limited

â&#x20AC;&#x153;

POWERGRID has envisaged various endeavours for the year 2009: e-Procurement, Enterprise Asset Management system and Information Servicesâ&#x20AC;?

Your organisation extensively uses e-Training through video-conferencing. What are the key learnings and outcome of it? Video conferencing facility is being used for online interaction among personnel of all levels at Corporate Centre and Regional Head quarters on regular basis for various purposes e.g project monitoring, budget monitoring, e-Training and top management reviews. The use of videoconferencing system has resulted in huge cost saving, time saving, online interaction and knowledge sharing, quick decision making and prompt resolution of problems. What are the other e-Governance projects lined up for 2009 ? POWERGRID has envisaged various endeavours for the year 2009: e-Procurement, Enterprise Asset Management system and Information Services. POWERTEL offers India with telecom network which acts as a support to the e-Governance initiatives of Govt of India and various state governments. What is the current business scenario of POWERTEL and what do you foresee in the near future? www.egovonline.net

POWERTEL is having an all India telecom backbone network networks to meet high Service Level Agreement (SLA) of 20,000Kms covering over 110 cities and towns including demanded by customers, high cost of RoW and intra city remote areas in North East India and Jammu and Kashmir. access network for last mile connectivity. The services offered include end to end bandwidth, ethernet private leased lines and Internet services. Multiprotocol Label POWERGRID provides consultancy to various Switching (MPLS) / Virtual Private Network (VPN) services international governments. What is your USP? are also offered in association with Based on our rich experience earned other service providers. However, through implementation of huge POWERTEL will offer MPLS/VPN transmission network in India POWERGRID services on its own very soon. The by adopting latest technology in major telecom operators, Government multifarious topology and environment, has the unique departments, Multi National POWERGRID has emerged as a Companies (MNCs) and media are in renowned global consultant in Power advantage of our clientele. Sector. The expertise of POWERGRID in being an Owner POWERGRID has laid Optical the field of studies, design, engineering, Ground Wire (OPGW) only on 1/3rd procurement, inspection, project turned Consultant. of its power transmission network. management, construction supervision, The feed back obtained Depending on demand POWERGRID human resource development, spare can lay Optical Fiber on its remaining parts management, operation and while carrying out part of transmission network in a maintenance have enabled it to the Operation & phased manner. POWERTEL is poised successfully undertake large number of to become a strong National Long consultancy assignments for national Maintenance of its Distance (NLD) player and Integrated and international clients including projects is ploughed Telecom & IT service provider by Afghanistan, Nepal, Bhutan, Dubai, establishing 40 GB Next Generation Sri Lanka, Nigeria, Bangladesh and back to its design Network and state-of-the-art Data various State Electricity Boards in Centres and further we would be India. POWERGRID has so far executed departments entering into sharing of our tower 280 consultancy assignments with for continual infrastructure for rural connectivity aggregated business of more than US$ for which we have conducted pilot 275 million. POWERGRID has a well improvementâ&#x20AC;? projects successfully. established and dedicated Business Development Division backed up by What are the key challenges that more than 2600 experts, who not only you have faced in providing telecommunications network cater to the requirement of the in-house projects but also in India? provide consultancy services of international standards to POWERTEL is a relatively new entrant in the telecom business various power utilities and State Electricity Boards and other segment as our core business is on power transmission. The clients outside the country as well. major challenges that we have faced in this sector are highly Nilakshi Barooah nilakshi@egovonline.net competitive and dynamic market environment, building

www.egovonline.net

Security and Public Safety

Can ICT Help?

SPECIAL FOCUS: SECURITY INTERVIEW

Focussing on IT Capabilities M L Kumawat, DG, BSF, Ministry of Home Affairs, GoI

Checkmate Threats Bhaskar Bakthavatsalu, Country Manager Sales, India & SAARC, Checkpoint software Technologies Limited

Airport Redefined Francis Ranjan, Head â&#x20AC;&#x201C; ICT, Bengaluru International Airport

FEATURE

16 22 30

Security is Prime Cyber Security: Pre-requisite in Cyber-World Securing Mobile Phones

R PU I A

BENGALURU DELHI

DATE

PLACE

ar Pradesh Rampur - Utt han 1st January Jaipur - Rajast akaa atak rnat rn ay M Ka Ka th e u 13 or Bangalur Be 25th July Delhi aharashtra 26th July Malegaon - M r be sam 13th Septem Guwahati - As r arashtra ah M 29th Septembe Mumbai 30th October medabad ember Ah 26th - 29th Nov

ATTACKS

re PF Group Cent Assault on CR mb blasts Eight Serial bo nsity blasts te Eight Low in three areas Five Blasts in t One bomb blas ur areas fo in Nine Blasts 10 locations ist attacks at s Multiple terror ss than 2 hour ed blasts in le 20 synchroniz

MUMBAI 10 }

www.egovonline.net

INTERVIEW

www.bsf.nic.in

Focussing on IT Capabilities What are the biggest challenges Border Security Force (BSF) as an organisation is facing? India has a 15000 km long land border and 7500 km long coastline border, out of which only 500 km is guarded by the army. BSF on the India-Pakistan border and the Bangladesh border is guarding 95% of the border. The biggest challenge we face in undertaking our task are the difficulties of operating in a variety of geographical terrain and also suiting the needs of a variety of linguistic zones spread across India. Unlike Israel which has only desert border, India has border in the form of desert, mountains, swampy land, coastline etc. and so its a great challenge to be able to guard all these variety of border areas with equal expertize. Moreover, a BSF jawan has to speak Bengali in the Eastern part of the country whereas on the Western border they have to interact in Gujarati Punjabi etc., so one can well imagine how many languages a BSF jawan has to be well-versed in order to be able to operate effectively and efficiently. Then you have terrorist groups like jaish-a-mohammad and lashkar-a-toiba threatening to attack and destroy India, again here also BSF as an organisation will bear the first on-slaught of these terrorist attacks.

M L Kumawat Director General, Border Security Force, Ministry of Home Affairs,Government of India

â&#x20AC;&#x153;

Government of India has sanctioned 3500 crores of rupees for the modernisation of the forces, out of which 500 plus crores are being used for computerisation and ITâ&#x20AC;?

12 }

How does BSF address the issue of capacity building? BSF has grown since its inception in 1965. We initially had only 25 battalions but today we have around 157 battalions in total. Recently Government of India has sanctioned another 27 battalions, 9 sectors and 3 more frontiers to BSF which will be raised in a phased manner in the next five years in order to strengthen our Eastern as well as our western border area security. Training is a very important area of focus within BSF towards the capacity building of the organisation as well as that of individuals. Infact we have a number of training institutions and many of our centres have been declared as centres of excellence by government of India. Our BSF training academy at Takenpur in Madhya Pradesh is an center of excellence where our senior officials are trained. We organise in-service progranmmes, moreover in addition to training academy here we also have 9 training centres to train our constables and subinspectors. Then we have a national dog training centre where dogs are trained in sniffing and tracking. We also have a motor-vehicle and weapons training centre at Indore. What are the steps that you have taken towards the IT education of your troops? From the ground level itself we have three kinds of trainings to build on the IT capabilities of our staff. First, is the training within the organisation which comprises of training like frontier level training, sector level training and training in signals for which we have two two schools in Delhi and Bangalore specifically meant to meet the needs of IT related needs. Then we have also outsourced IT training to DOECC approved institutions to conduct such classes for BSF. Thirdly, we have some very good radio technicians from CDAC Noida conducting training sessions for our staff on network issues www.egovonline.net

as well as trouble shooting. At the headquarters we have a communication wing and a computer directorate wherein a DIG level officer is mandated as the chief to take care of the computerisation of the organisation. Then we have a Internet-prahery programme through which we are planning to connect all our 1400 plus border out-posts, 10 frontiers and 157 battalions to each other. So in the next one or two years we plan to deal with all our administrative as well as operational requirements will be met through Internet. To begin with we have already computerised all the personal data of the all our recruits like salary, pension, leave, service details. On the BSF website every one has an account which can be initially accessed using the regimental number as the user name and password. Later this password and the user name can be changed. Now, the salaries of each jawans is credited into their account which they can withdraw using their ATM cards, moreover even their families back in their villages can withdraw from the salary account using the adon cards. The services of this BSF website is available to 775 of our border outposts also, where ever VSAT facility is in place. And this programme towards computerisation of all the personal data also started only two years ago in BSF, earlier all these processes were carried out manually. BSF has provision for online tendering, what has been the response towards these e-Tenders? Many of our tenders are global tenders so the directive is to put them on the Internet as well as in the print form in the newspaper. Without using the medium of the Internet we cannot expect to reach out to a global audience spread out across the world. Interestingly, the response to our online tenders have been good because many a times we get requests to change our technical quality specifications that we might have outlined in our e-Tenders. What are the technological provisions you have made in order to carry out your duties effectively? We are also planning to use Geographical Information Systems (GIS), for our border areas are very challenging. There are hardly any landmarks, so in order to monitor the features, take 3Dpictures, and also to see if any new recent developments have come about, this GIS apparatus will be of great help. We already have in place video-conferencing facilities with our ten frontiers and our training centres. Moreover, in another ten days we are executing video conferencing through GSM technology which will connect us to border out-posts and also enable us to see and talk to these men in the border areas without even having to move out of ones own office premise. In addition we already have CDMA technology in place for the same purpose. Even Government of India has sanctioned 3500 crores of rupees for the modernisation of the forces, out of which 500 plus crores are being used for computerisation and IT, and the rest are being used for acquiring equipments like nightvision devices, weaponry etc. Right now Ministry of Home Affairs (MHA) is developing a technology which will enable all control rooms across Delhi and across the country to stay connected thereby allowing for information sharing between various departments. And we are proud to say that a personnel from BSF is only developing this technology for MHA. This 14

technology once ready will not only ensure information sharing but would enable online transfer of files. There must be areas where these CDMA and GSM based communication devices will also not work due to lack of towers. What is alternate technology BSF uses in those ares? In cases where CDMA and GSM would not work, we are making use of optical fibres for which pilot projects are being launched shortly; and also V-SAT and satellite phones are quiet handy and useful in these areas. BSF had plans to put integrated cameras on these international border to better secure them, so what is the development on that front? Government of India had plans for integrated check-posts for both Indo-Pakistan as well as Indo-Bangladesh borders. You must be aware of Attari-Wagah border and the Petrapole border which will be the most modern IT integrated borders with a variety of facilities available. Regarding camera work is going on at good pace. Within BSF what are the steps being taken to deal with this hi-tech crime effectively? In order to check these hi-tech crimes which is using satellite phones, mobiles and Internet; as well as to address other connectivity needs of BSF we are laying down Tetra network along the border areas which are secure network capable of providing connectivity even while on the move. This Tetra network will in turn be connected to the wide area network of BSF which we already midway due to be completed by Bharat Heavy Electricals Limited (BHEL) in another two to three months. This infrastructure will cover the area from Delhi to all the 155 battalions that we have of BSF. And from battalions to border outposts connectivity needs will be met through three kinds of infrastructure which are constituted of VSAT satellite terminal, PSTN lines and High Frequency (HF) Radio technology. Once this Tetra network is in place all these surveillance cameras on the border will also be connected to it or not? Where would be the data centre for the storage of all this data collected through this Tetra network? Yes, once this Tetra network is fully in in place we will have all these surveillance cameras attached to it. The data centre for it all will be set up in Delhi. The cold recovery for this data centre will be in Bangalore and the hot recovery of this data centre will be in Calcutta. The data centre will also be with each of the frontiers. Intranet Prahari is another good initiative being taken up by BSF can you tell us the updates on this programme? Intranet Prahari is like a local area network, which will inturn be connected to the wide area network. This will be like a paperless office right up to the battalion level; all papers, files will be sent through Internet. This project has already been sanctioned and in the next six to eight months it should be fully implemented. Sandeep Budki & Tannu Singh sandeep@egovonline.net

www.egovonline.net

COVER STORY

Security is Prime Worldwide data, information pilferage and economic intelligence gathering through the use of Internet has redeﬁned security needs and strategies to combat growing threats

ith the rise in e-Governance across India and the establishment of State Data Centres that meet the information requirements of the citizens, threats to the government vertical has risen manifold. Leakage of confidential information through spyware, viruses, phishing, pharming and other blended threats is brought to the fore. There is no better example than the discovery of spyware, originating from China in the Ministry of External Affairs itself the impact of which can be immense, considering that spyware sends out at regular intervals to the attacker. Indian enterprises today are in the process of either establishing or reinforcing their security architecture. The increasing usage of IT by government department

Future Of Policing Public safety organisations continuously look for new tools to help them better serve and protect the citizens of the community as well as to ensure the safety of their officers. For years, law enforcement has used radio to provide them with the information they need to perform their missions. To increase the success of each operation, police are now incorporating video into their information network. Video can benefit law enforcement before, during, and after an incident. Before an event, highly visible video cameras act as a deterrent to crime. During an event, real-time video can be useful to a command center to plan a measured response with mobile units. After an event, recorded video can aid investigation efforts or serve as a source of additional evidence.

Mobile Video Sharing: Improving Policing Effectiveness Until recently, video has been constrained to either fixed locations with high-bandwidth wireline networks or to local storage with future playback solutions. These solutions lack the ability to provide live information to the people who need it most: officers on the front line. Combining mobility with video sharing allows officers and commanders to share critical new information, helping them to safely perform their missions. We are not simply talking about traditional CCTV video surveillance; we are talking about putting video into the hands of officers on the street, greatly increasing the availability of accurate real-time information at their disposal. Surveillance cameras are becoming more prevalent, thereby increasing the number and location of video sources. Video cameras can be found on light poles, on fire trucks, in police cars, and as part of buildings surveillance systems. Instant access to this video helps individuals and groups assess situations in real-time and respond more effectively. Mobile Video Sharing extends the availability of this information

16 }

to the many individuals outside the command centre. With access to this same information, officers en route can assess a situation and plan their approach prior to arrival. Once at the scene, the live video from the patrol car can be sent back to the command centre for another angle and view of the incident, providing a true video collaboration opportunity.

Redefining Policing “Mobile applications of camera technology are the future of policing,” said Charlie Beck, deputy chief of the LAPD. The department implemented a wireless network in the Watts neighborhood of Los Angeles where crime has been high. • 10 cameras wirelessly deliver video to an intelligence officer who monitors the area • When trouble is spotted, an intelligence officer instantly sends that video to the mobile police officers in that area • The responding officer views the video and responds accordingly • The technology helps LAPD cover a greater area with fewer people • Responding officers are more aware of the situations before they enter the area

Mobile Video Sharing Users of mobile video sharing today are finding new ways to utilize the technology. The following are examples of the value of mobile video sharing.

www.egovonline.net

and for online transactions by banks and other financial institutions has given a boost to the demand for security solutions. Over the last several years, phishing, and subsequent identity theft, is proving to be one of the biggest threats plaguing the Indian Internet space. Enterprises are now seeing the real potential of security solutions and infrastructure and they are moving towards leveraging them to accelerate business productivity. With the Government of India taking major initiatives to make the country e-Ready by initiating various e-Governance implementations there is an increasing need to create trust by educating the transacting parties about the confidentiality and integrity of their messages. This requires identification and authentication of transacting parties. From a consumer point of view, it isn’t anymore about someone siphoning your password with a keylogger or a phishing attack. Professional cyber criminals are

adopting various methods which include, hacking consumer’s online accounts to study behavior and obtain information and then using this information for launching a fraud attack. Internet users of social networking sites have also become soft targets for future threats. Looking at the international scenario in US, securing your network against attacks is not only good practice but is also mandated by laws such as Sarbannes-Oxley (SOX), PCI-DSS, HIPAA, GLBA and more. All these regulations require detailed reporting and an audit trail to show that you have indeed complied with the letter of the law. The intricacies of these regulations are as follows. GLBA is an important regulation in the banking and insurance industry and governs various activities of financial institutions. HIPAA concerns itself with privacy and security of electronic patient data in hospitals. PCI-DSS

regulates security in the credit card and retail industry. A company processing, storing, or transmitting payment card data must be PCI-DSS compliant. Digvijaysinh Chudasama , VP – Sales, Cyberoam-India said, “ It can be clearly

High crime area monitoring

Disaster management

Monitoring areas with a history of a high criminal activity can be enormously advantageous for police departments and the community. Conspicuous placement of cameras throughout the area creates an immediate crime impediment because criminals are aware that they are being monitored and recorded. When suspicious activity is captured on camera, mobile officers can view the crime in progress and may choose and the share the video with other officers. This form of immediate collaboration helps officers to evaluate the situation before entering a dangerous area. The result is greater officer safety. Response also benefits. Officers can see what is happening prior to arriving on scene, keeping them a step ahead of the bad guys. Officers do not need to drive slowly down the street, looking for the suspect – knowing exactly where to go and who to look for allows them to speed directly to the location.

Serious management challenges emerge in the aftermath of a disaster. In most cases, different agencies need to work together to respond effectively to the incident. Here again, video can play a key role in facilitating the response and improving the outcome. With Mobile Video Sharing, an adhoc network can be established to assist decision-makers as they establish a plan of action and workflow. A unified command centre might coordinate and help the various agencies deliver the best possible relief. Video from various responder agencies may be shared amongst one another and with incident command.

In-vehicle camera monitoring In-vehicle camera monitoring provides another valuable measure for improving officer safety. Car mounted cameras capturing video in front of them helps deliver a “virtual backup.” All the activity at a traffic stop caught on camera may be viewed live at remote locations, which may prove immensely valuable if the situation escalates. That video may be shared with a command centre and/or other officers as needed. As a result, the police department can respond quickly with the appropriate support. ov

March 2009

Technical Requirements of a Successful Mobile Video Sharing Solution A mobile environment provides some unique challenges to implementing a video sharing solution. Consider the essential requirements: • A wireless broadband network must be available to mobile clients • The network must accommodate two-way video streams • Security must be provided at all access points and across the network • Users must be able to send and receive data while on the move • Each unit, mobile or fixed, must be equipped for “command and control” collaboration • Cameras must serve the various needs of police, fire, and EMS departments • Huge amounts of digitized video must be recorded and archived • All technology must be easy to adopt and extremely user-friendly The increasing availability of video is changing traditional policing methods before, during, and after an event. Putting that video into the hands of the officers in the street exponentially increases the value of that information. 17

seen that, India’s current IT Act doesn’t have the scope and vision to ensure such a granular degree of control over electronic data covering various industries. Complying with these and other regulations is often complicated, time-consuming, and costly. “ According to a report by IDC India, the key trends in the Indian e-Security market are a convergence of network and desktop security coming closer, unified threat management appliances and policy-based administration coming into usage. Also of significance is the emergence of security consulting, endto-end security services and managed security services. With the installed base growth in PCs, broadband and mobile connections increasing sporadically, several market studies show the Indian market for security products and solutions to be around $120M, growing to around $1B by 2012. If we analyse the data over the last several years, the overall loss in the country due to digital security lapses is increasing. In addition, many companies that have not fortified their online presence have their brands defaced by hackers taking control of their customers’ digital identities, and in some cases the company’s website itself. The good news is that most institutions that have online presence understand the need for providing a safe and secure environment for their customers. Secondly, the end consumers are also becoming aware of how to operate online in a safe and secure manner. With this in mind, we are currently working on our go-to-market plans to address the needs of the Indian market, so that our products support the RoI expectations of the local market.

INTERNATIONAL SECURITY TRENDS Some of the international security trends garnering steam through 2009 are: • Local Language spam will target emerging markets in 2009. • Enterprise attacks will use VOIP technologies to engage in fraud that includes voice fraud, data theft and other scams. • New strains of malware consisting of millions of distinct threats will propagate as a single core piece of malware. • Web based security threats will continue to increase • Virtualized environments will be increasingly used to secure sensitive transactions and protect critical infrastructure. • Security attacks will focus on stealing intellectual property rather than personal data

The nature of worldwide data, information pilferage and economic intelligence gathering through the use of Internet has redefined security needs and strategies to combat growing threats. In one recent case, a company, a major player in power and utilities, was sabotaged and its critical information assets compromised by its very own security vendor - a foreign security company-something that highlights the vulnerability of networks, especially those of a nation whose information security needs are manifold. According to Digvijaysinh Chudasama, “There is an urgent need to redefine the concept of national security secrets and moving beyond protection of the defense industry and public sector to include even the entire private sector through compliance regulation”. He further added that setting up a Central Nodal Agency and Accreditation for CyberSecurity Solutions along the lines of National Security Agency in USA and other Approval and Certification bodies for Security Solutions is crucial. It should be made mandatory for security product to be indigenous especially in importantly identified centres like HQ and R&D in India. The need to choose deployment of security solution that integrates identity of a user as important criteria in providing protection. In regards to digital signatures Rajiv Chaddha, Vice President Sales, VeriSign India said, “The main challenge to digital signatures gaining popularity in the government vertical is the relative lack of education and awareness about digital signatures and its advantages. However, the awareness is increasing rapidly among business users and government officials as the Controller of Certifying Authorities (CCA) is

working hard to educate people about the applications and benefits of digital signatures.’” He further added, “Though deployments in the government sector have been less in the last two to three years; many government departments have now begun taking interest in digital signatures as part of their e-Governance initiative.” Commenting on NIC’s role, he further said that, “After NIC has become a nodal agency, the government departments have started trying digital signatures in areas like tenders, data, e-Procurement and many other applications”. Digital signatures provide a secure environment by assuring the parties involved in the transaction that their information is confidential and ensuring the identification and authentication of the transacting parties, so that they cannot repudiate the transaction at a later date. Among other major government departments that have embraced this concept is the DGSD or Directorate General of Supplies and Disposal that has considered digital signatures for better transparency and is expectedly going to formally complete the online rollout soon. With the arrival of the e-Governance era, information like taxation, land records and more while available easily and readily to the citizens stands vulnerable to attackers. Securing the data centers and other repositories of information, thus preventing confidential data leakage, controlling access to inappropriate sites, complete visibility into the network so as to know who is doing what in it, and monitoring and control of user behavior hold the key to future security. Sandeep Budki sandeep@egovonline.net

www.egovonline.net

www.checkpoint.com

INTERVIEW

Checkmate Threats How does one secure data centers? Data Centre security is like an Airport security comprising of multiple layers of defense. The number and complexity of the defense layers depends on the business critical functions hosted in the data centre and their respective integration with the ecosystem entities. Every layer of defense is termed as the security control. In the state-ofart data centers besides security, the availability and applications performance are the critical functions as well. As a result most of the security controls deployed in data centers are built with high degree of redundancy and resilience. Moreover there has been an impetus to build the Disaster Recovery Sites to run the Data Centre operations from a geographically different site in the event of the Primary Data Centre failures. All these initiatives not only mitigate the menace of unauthorised, malicious, and intrusive attempts on the information but also ensure the availability of important information and services for the legitimate users at all the times. Security management is a vital component for assuring of efficacy and confidence of deployed security controls. All the data centre security controls are rendered ineffective if the Security Management Plane fails to deliver the comprehensive view to the real time and historical events.

Bhaskar Bakthavatsalu Country Manager, India & SAARC Check Point Software Technologies Ltd.

â&#x20AC;&#x153;

There has been an impetus to build the Disaster Recovery Sites to run the Data Centre operations from a geographically different site in the event of the Primary DC failuresâ&#x20AC;?

20 }

On the event of a security lapse, how is data retrieved? What are the back ups that are thought about? Depending on the maturity levels of the data centre, the recovery procedures are taken. If the hot standby DR infrastructure exists for the compromised infrastructure then the Business Continuity is resumed by triggering the Disaster Recovery Plan. However, if there is no availability of DR site, then critical data needs to be backed up at periodic intervals using variety of backup methods. In the event of data corruption or loss, the same can be restored to the recently backed up data contents. Is there a threat on Critical Infrastructure from the terrorists? What are the measures to be taken in this regard? First step would be towards empowering the Computer Emergency Response Team (CERT) and enforcing better ties and communication between CERT and other agencies like IB, RAW, etc. There has to be a dedicated agency to proactively keep tracing these terrorist interactions over the wire. In order to circumvent the threat of national information theft all the access to such information has to be with PKI and Digital Certificates and need not be restricted to just SSL or IPSec. All banks should be mandated with Anti Money Laundering (AML) technologies and should be periodically audited for the assurance of the controls. All the telecom service providers should bundle the security solution along with WPA2 Wi-Fi security controls for their Home User and Small Office broadband subscribers. Check Point UTM-1 Edge, Safe@Office wireless access appliances support security policies utilising multiple SSIDs, WPA, WPA2, and MAC address filtering. Other security measures such as IPSec over WLAN and RADIUS are also supported. Tannu Singh tannu@egovonline.net

www.egovonline.net

FEATURE FEATURE

CYBER SECURITY:

Pre-requisite in Cyber-World The creation of cyber world has given us a big responsibility of ensuring cyber security

t is a world gone by where we used to say that ‘World is shrinking’. Today it would be no hyperbolic statement to say that ‘World has already shrunk’. And what has facilitated this convergence-Internet. Today, Internet has become that omnipotent tool which literally ‘knows it all’. So given the situation , its no surprise that for everything we now rely on computers and the Internet communication (email, cellphones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on Internet? How much of your personal information is stored either on your own computer or on someone else’s system? And imagine if all this information of ours stored on the computer is not protected and secured. Every big innovation brings along with it big responsibility. So with this very enabling ‘cyber world’ that we have created, we have also inherited the even bigger responsibility of ensuring ‘cyber security’ secure because its almost our entire life which can in one way or the other be accessed through this tool of ‘cyber world’. So how would we define this ‘cyber security’? Cyber security entails protecting the stored information by preventing, detecting, and responding to any malicious attack made towards any wrong usage of these information stored on the web world. Amuleek Bijral, Country Manager, India and SAARC, RSA, the Security Division of EMC, said, “Online fraud as a whole 22 }

is a $3.2 billion industry. In fact, RSA Anti-Fraud Command Center (AFCC) itself, which is a 24x7 war-room detects, monitors, tracks and shuts down phishing, pharming and trojan attacks against more than 200 institutions worldwide. The AFCC has shut down over 80,000 phishing attacks till May 2008 across 185 different countries and is a key industry source for

information on phishing and emerging online threats.” WHY CYBER SECURITY IS NECESSARY

Cyber security is important because there are many risks involved, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone www.egovonline.net

*Source: McAfee’s Annual Virtual Criminology Report-2008

using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. Unfortunately, there’s no 100% guarantee that even with the best precautions some of these things won’t happen to you, but there are steps you can take to minimize the chances. As the saying goes, ‘Prevention is better than cure.’

and computer systems for their own gain. Although their intentions are not be always malicious. But the results can range from mere mischief (creating a virus with no intentionally n e g a t i v e impact) to even malicious activity (stealing or altering information). Malicious code: This category includes code such as viruses, worms, and Trojan horses. Although some people use these terms interchangeably, they have unique characteristics. Viruses: This type of malicious code requires you to actually activate it by simple interventional steps like opening an email attachment or going to a particular web page, before it infects your computer. So one needs to be very careful aganist these kind of attacks.

TRENDS IN CYBERCRIME

The recent trends in cyber crime are professionalisation of cybercrime; hacktivism; cyberwarfare; rising rate of identity theft; epidemic of security vulnerabilities in software & networking products; shrinking time from exposure to attack; soaring rates of SPAM; targeting of web-based applications; targeting of desktop computers; new risks stemming from mobility of data; and emergence of sophisticated, multivector “blended threats”.

The current cyber security laws are not adequate to ﬁght the cyber menace we are facing” Amuleek Bijral Country Manager, Asia & SAARC, RSA

TAKE AN INITIATIVE

So now the question arises what can we do? The first step towards protecting oneself against these cybercrimes is to recognise the risks and become familiar with some of the terminology or jargon associated with them. Hacker, attacker, or intruder: These terms are applied to the people who seek to exploit weaknesses in software 24

Worms: Worms propagate without user intervention. They typically start by exploiting a software vulnerability (a flaw that allows the software’s intended security policy to be violated), then once the victim computer has been infected, the worm will attempt to find and infect other computers as well. Similar to viruses, worms can propagate via email,

web sites, or network-based software. The automated self-propagation of worms distinguishes them from viruses. Trojan horses: A Trojan horse program is software that claims to be one thing while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder. LEGAL FRAMEWORK IN PLACE

Governments are failing to prioritise cyber security issues despite the evident increasing risk through it to national security, governments, economy as well as the general populace. And the first hurdle when it comes this prioritising cyber security within government is the technical ignorance and lack of foresight of the widespread and longer term risks this can entail, which thus is acting as an impediment towards allocating legislative time and resources to it. According to Amuleek Bijral, “The current cyber security laws are not adequate to fight the cyber menace we are facing. For example there is a lot of fraud on the internet banking channel in the form of Phishing and Trojan attacks happening today in India, but the cyber laws are inadequate to prosecute anybody for that crime. Moreover, identity theft in general is not a recognised crime as yet.” The Council of Europe Cybercrime Convention is acting as a global model law for setting up the standards for cyber security. Though most significant jurisdictions now have laws in place in the world of cybercrimes but legislation alone is not enough to reduce cybercrime to acceptable levels. And as laws are too technology specific, so they go out of date quickly. Moreover, the efficacy of these laws is heavily dependent on successful investigation and prosecution, thus there ensues a continuous struggle with the transnational nature of cybercrime. Hence there is the need for a holistic solution which goes beyond the criminal law. Therefore countries must be encouraged to harmonise laws at the highest level whilst putting massive effort into international cooperation. Tannu Singh tannu@egovonline.net

www.egovonline.net

www.eINDIA.net.in

5th

4 Tracks 40 Countries 100 Thematic Sessions 200 Companies 5000 Delegates Previous partners of egov India

India's Largest ICT Event INDIA

INDIA

2009

25 - 27 August 2009, Hyderabad International Convention Centre, India Organisers

Co-organiser

Department of Information Technology Ministry of Communications & IT Government of India

knowledge for change

Supporting Partners

速

eINDIA 2009 is a unique platform for knowledge sharing in various domains of ICT for development and facilitates multi-stakeholder partnerships and networking among governments, industry, academia and civil society organisations of different countries, including India. The objective is to bring together ICT experts, practitioners, business leaders and stakeholders of the region onto one platform, through keynote addresses, paper presentations, thematic workshops and exhibitions.

INDIA

2009

Will have the strong participation from

For Sponsorship and exhibition enquiry, contact: Gautam Navin (+91-9818125257), gautam@csdms.in Debabrata Ray (+91-9899650692), debabrata@csdms.in For paper submission, contact: Nilakshi Barooah : (+91-9911142973), nilakshi@egovonline.net

www.bengaluruairport.com

INTERVIEW

Airport Redeﬁned

Francis Rajan Head - ICT Bengaluru International Airport

“

The Bengaluru International Airport is the ﬁrst airport to introduce Digital TETRA for Trunk Mobile Radio Users for all airport stake holders to use within the airport for operational requirements”

28 }

How equipped is Bangaluru International Airport (BIA) with latest communication technology applications? The Bengaluru International Airport is a new start in Indian aviation with regard to the experience of the passenger on the ground. While the airport aims to give the passenger the ultimate in travel experience, it has also invested in state of the art IT and communication systems to ensure faster processes and responsiveness. The Bengaluru International Airport is the first airport to introduce Digital TETRA for Trunk Mobile Radio Users for all airport stake holders to use within the airport for operational requirements. Current capacity deployment is 1000 TMRS radios and 100% uptime recorded from date of “GO live” operations in our airport. For all the stake holders it is Motorola – Diametra system. Bengaluru International Airport has IP PABX – Siemens HiPath for captive consumption and Nortel IP PABX to meet stakeholders’ needs. Bengaluru International Airport has opted for and implemented IP convergence and has the base set for Triple Play. Currently it is IP Voice and Data. As soon as IP TV is launched, we plan to introduce the triple play services. Bengaluru International Airport will implement UCM in the coming financial year. As of today we have MS IM implemented and with Nortel IP PABX and Microsoft handshake on UCM, we could easily implement the same very effectively for stake holders. What are the benefits that the new Bengaluru airport brings to its passenger interface through IT advancements? Apart from the above mentioned backend systems, for passenger convenience, the airport aims to make processes user friendly, to keep in tune with the increasing use of technology in every walk of life that the passenger would expect at the airport as well. The days of queuing up for baggage screening before check-in is over. Passengers travelling through Bengaluru International Airport use a seamless, single check-in process, thanks to the inline screening system. This is an international foolproof baggage screening process and Bengaluru is one of the first airports in India to implement this system. What this means is that passengers with www.egovonline.net

check in baggage walk straight up to the check in counters and check in their baggage and get their boarding pass in one go. BIAL has taken into consideration the growing trend for self check in the aviation sector. Besides having 53 Common Use Check-in counters, the new airport has 18 Common Use Self Service (CUSS) enabled self check-in kiosks. Common use check in counters facility allows optimal use of available airport infrastructure. No airline has dedicated counters as is seen in other airports across the country. Here, if a flight is taking off at a particular time, the airline occupies a certain number of counters for that particular flight. Once the flight’s check in process is completed, the airline leaves the counters for the next airline to carry out their check in process. Common Use Self Service (CUSS) is a shared kiosk offering convenient passenger services for self check-in. It is feasible to expand other application access which can be performed by the passengers themselves like ticketing, baggage tracking and other allied services, based on Airline readiness. This facility provides the passengers with a convenient and direct interface with the airline system whilst allowing multiple airlines to maintain branding and functionality. Finally an airport that befits the ‘IT city’ with a service that’s apt for its users. For all of us addicted to the internet, free Wi-Fi in the terminal building is just one more of the added advantages of using the new airport. The simple log on process requires the user to switch on his/ her laptop and enter his/ her mobile phone number on authentication request. The user then receives a PIN through an SMS which has to be entered to use the service. With spare time spent fruitfully catching up with friends in the virtual world or sending off that urgent email, the wait to board the flight just got so much shorter! ours is one of the very few airports in the country to provide this service free. In providing such a service User Identification, Authentication, Lawful Intercept Logs and Encryption aspects are important and have been taken into consideration. Bengaluru International Airport’s car park can accommodate 2000 cars. This is fully automated with an efficient and transparent management system, provided by SKIDATA, a leading global provider of car park systems at airports. The car parking system is managed by Central Parking Solutions, India’s largest car park operator. SKIDATA is an international solution provider specialising in professional access management and ticketing. SKIDATA™ parking system APT 450 deployed at the Bengaluru International Airport is the latest access management solution to the various requirements of small-, mid- and large-sized parking facilities. SKIDATA’s parking management solutions are based on the latest technology to provide maximum security, reliability and convenience. They are optimised for ease of use. As an airport, has BIAL engaged any state of the art communication system that is an industry first? In October 2008, BIAL launched India’s first emergency alerting system at an airport. e-Konfer, a web based emergency alerting and group communication system developed by HCL exclusively for Bengaluru International Airport is the ov

March 2009

backbone of all secondary communication at the airport. Inbuilt with technologically advanced features such as group audio/text message broadcasting and conferencing, E-Konfer provides vital tools required by the duty staff at the airport to alert management teams of developing situations without much loss of time. Groups of people with a maximum number of 23 members in one group can be alerted within a short span of 2-3 minutes with repeat broadcast of the alert to the recipient until eventually acknowledged. This will be mainly used to disseminate secondary alert/communication in case of full emergency or aircraft crash. Based at Aerodrome Emergency Operations Centre (AEOC) of the airport with two client locations within, this automated system establishes the impact of technology on airports and Bengaluru International Airport’s efforts in leveraging the same for Bengaluru. What role has ICT played in securing Bengaluru International Airport? At Bengaluru International Airport – we have ICT infra Systems like CCTV, ACS from the stand point of security aspects. As mandated CISF do monitor the CCTV images. For securing the Passenger Baggage’s BIA has implemented the Industry leading solution - SITA – BRS (Baggage Reconciliation system) which is as per IATA standards that automatically matches passengers on board to their baggage to be on board. From a check in security point of view, passengers check-in along with the baggage and the check-in baggage is screened using the latest inline screening system. This is an international foolproof baggage screening process that has been designed and implemented as per the BCAS (Bureau of Civil Aviation Security) regulations. This screening process has an inbuilt five level screening system to ensure that no objectionable materials are carried. Most importantly, with a single process, the passenger checks in successfully, eliminating the need of two separate queues. Business Continuity Management (BCM) is a critical process for organizations since it helps them recover expeditiously post an occurrence of a disaster or an extended business interruption. Does Bengaluru Airport prepared have a BCM plan in place? Yes, BCM is absolutely critical in any business today, so also with an airport. Bengaluru International Airport Limited has implemented Business Continuity Management as one of our mainstream activities. Our BCM is a holistic and on-going management process intended to identify potential hazards of varying size and severity that threaten the organization/ business. It provides a framework of building resilience by developing and maintaining appropriate response plans as well as cost-effective alternative resources to safeguard the interest of key stakeholders, reputation, brand and value creating activities. To match with international standards, this initiative is coordinated in BIAL by a BCM Coordinator and planned and monitored by different committees. Sandeep Budki sandeep@egovonline.net 29

FEATURE FEATURE

Securing Mobile Phones Security of mobile phones though at an early stage will gain momentum and importance in the coming years to come

obile phones is no more a luxury item, it has become a necessity. Look around and we see almost everyone carrying a mobile phone today. This allin-one device acts as our bill payment gateway, storing valuable information, checking emails and also serves as an interface with our banks. However, these benefits does not come easy. There is an increasing number of threats on mobile phones and therefore, securing the mobile device from hackers and unauthorised agents becomes a major concern. According to the McAfee Mobile Security Report 2009, there has been an unprecedented growth in the number of mobile security threats in the recent years. The research shows the increase in the number of virus / spyware infections, voice or text spam attacks, third party application / content problems, loss of user data from devices and phishing attacks over a period of three years from 2006 - 08. Among all the threats, voice and text has recorded the highest number of attacks. Connecting to the world wide web is one of major causes of such security threats on our mobile phones. Therefore, any phone which has

Kartik Shahani Regional Director, India and SAARC, McAfee

“In India there are a lot of mobile security solutions that are available, but no one is using them”

30 }

the capability of accessing the web and can download things from the Internet are at a higher risk of attracting viruses and other such security threats. WHAT IS UNDER THREAT?

One might ask – what is under threat? One obvious guess is the theft of mobile phones which can subsequently lead to access to our personal and confidential data and information. Therefore, physicals security of mobile phones becomes an area of high concern. People tend to store a lot of confidential data / information such as bank PIN numbers, credit card details which is a major area of concern. If the handset gets lost and the information is not encrypted, it will be easily available to someone without any effort. Data in a mobile phone also becomes vulnerable with unauthorised agents/ persons extracting confidential information through an external medium such as CD or USB memory stick and selling it to a third party. Someone can also create passwords entries and gain access to our encrypted files.

There are solutions for mobile encryption which will ensure that the confidential information in your mobile phones is not misused. In other words, encryption is all about limiting the access to a mobile device through passwords. Market is flooded with variety of mobile phones ranging from low end, affordable ones to the high end sophisticated ones. Speaking to egov, Kartik Shahani, Regional Director - India and SAARC, McAfee, said “The security features also differ from one phone to another. A smart phone or a Personal Digital Assistants (PDAs) will have different security threats attached with them, while GSM or CDMA phones will have different security features attached”. With the popularity of mobile phones among the masses and the number of value added services increasing day by day, the concerns over the security of mobile banking and payments becomes prime. Like the anti-virus softwares in our personal computers, protection of the mobile phones also becomes an area of concern. The McAfee report further www.egovonline.net

says that “Today, service providers, banks, and PC manufacturers recommend the installation of personal protection products (often at no cost for the user.) But the situation is different in the mobile space. While mobile banking services are growing rapidly in developing countries, where other payment methods are rare, mobile devices continue to lack sufficient protection features”. SCENARIO IN INDIA

Anti-virus and other security features for mobile phones are available in the Indian market, but these are not popular among the people. There are a lot of reasons for the non-popularity of mobile security features in India. The most striking reason that one can count is the lack of awareness among the people. Moreover, there has not been any major mobile security issue that came up in India which can induce people to take mobile security on a serious note. Shahani further added that, “In India there are a lot of mobile security solutions that are available, but no one is using them. There are countries where mobile security is considered a must. On the other hand, there are countries like India, who are aware of such mobile security solutions, but are not bothered as of now to acknowledge the fact as there has not been any major outbreak that can induce them to use such security features”. Therefore, one can say that mobile security is at a very nascent stage in India. Talking about the current mobile security scenario in India, Rajiv Chaddha, Vice President, Sales, VeriSign said, “When we are talking about 10 - 20 percent penetration in terms of applications, we are just

talking about 8 - 10 million handsets. Yes it is right to say, that mobile security is at a nascent stage now, but appropriate steps has to be taken, before rolling out services to a much larger base”. Moreover, the current laws in India does not specifically talk about security angle in a detailed fashion. It only says – if one is caught sending spam mails, hacking emails or causing identity threats, one will be penalised. TRANSACTION ON MOBILE PHONES

With the growing popularity of financial transactions over mobile phones in India, there is an increasing threat of financial losses, if security measures are not put in place at the right time. The above mentioned graph shows the areas of high concern in terms mobile security. It can be drawn from the figure that payments and banking are the major areas of concern. In the current scenario, mobile payments and mobile banking services are protected with only one level of security that is the user name and the password. “If someone is able to hack these two things there can be a lot of financial losses” says Shahani. With the growing popularity of mobile phones in India and the various value additions that is happening, one has to check the additional layers of authentication as well. Second factor authentication is a thing that a lot of people are talking about. Also, one has to see what are the kind of passwords

Do’s and Don’t to Secure your Mobile Phone • • • • • •

Never connect your mobile phone through a unsecured wi-fi connection available in public places such as airports etc. Don’t open every SMS / MMS as it may contain viruses, especially from unknown sources. Never accept offers such as called tunes or dialer tunes from unknown sources. Try and avoid using bluetooth in public places, as someone can access your confidential data / information. Never open / download emails or attachments from unknown sources. Be careful about the websites you are browsing. If it does not sound authentic, do not download anything from it.

that are available – is it a direct password or a randomly generated one. A silver lining in the clouds is that, RBI is putting a regulation in place by August 2009, stipulating that any online transaction of more than INR 5000 through a credit card will have to be authenticated with a password. On the other hand, a lot of manufacturers have plans for having an in-built security feature in the mobile phones. Chadha further said, “Operators in the current scenario is thinking about second hand authentication of transactions over the mobile phone”. The McAfee report also states that, “About 75 percent of the manufacturers prefer to include security technology as a preloaded and prepaid functionality or service on their devices, limiting user interaction and responsibility”. LOOKING FORWARD

Security of mobile phones though at an early stage will gain momentum and importance in the coming years to come. With the regular security features such as user name, passwords, encryption and second level of authentication, there is also a need for developing more sophisticated yet user friendly security features. Putting things in perspective, Shahani told, “Mobile viruses are maturing in the same life cycle as the personal computer viruses. PC viruses started off with cookies and other network viruses. Gradually, it became lethal with viruses attacking with the intention of financial gain. In the mobile world also it came along the same way”. It is high time for us in India to pull up our socks before it is too late and address the mobile security issue in a more detailed and comprehensive way. Nilakshi Barooah nilakshi@egovonline.net

www.egovonline.net

CASE STUDY FEATURE

Effective Collection Processes

he Income Tax Department under the Ministry of Finance, Government of India is directly responsible for tax collections across the country. Its administration processes were set up in 1939 and computerised processing of returns all over the country was started in 2002. For effectiveness in its collection processes, the Department explored the option of Video Conferencing solutions with the intent of affixing 46 sites all round the country and 8 sites within Delhi in a mesh of e-Video. The challenge was to find a cost-effective and efficient way to expand the reach of the Department’s Tax Domain. The solution thus provided for the Income Tax department was Polycom’s video conferencing system. Polycom has met all of Income Tax’s exacting technical requirements for a state-of-art, easy to use and maintain video conferencing solution. Polycom Video Conferencing has been set up

March 2009

between 56 locations across India and is on the Taxnet MPLS Backbone. The project includes connecting 56 offices of Directorate of Income Tax including the offices of The Chairman, CBDT, DGIT (Systems) and various Chief Commissioners of Income Tax all over India through the POLYCOM Video end points (VSX 7000s), Audio Conference Units (VTX 1000) and the central controlling unit (MCU MGC 100). The back bone connectivity is provided on MPLS through implementation of Quality of Services (QoS) on the routers because of Real Time Traffic. Also, all the Income Tax offices regularly meet with the Chairman for reviews and dissemination of information across all the offices. The result has been better performances by separate regions in the country. The advanced video conferencing network has provided the Directorate of Income Tax with first rate audio and state of art video images - making video conferencing a seamless experience.

CASE STUDY FEATURE

Seamless Experience

he Indian Council of Agricultural Research (ICAR) is an autonomous organisation under the Department of Agricultural Research and Education, Ministry of Agriculture, Government of India. With 48 ICAR Institutes, 5 Bureaus, 11 Project Directorates and 30 National Research Centres, there was a requirement to create an effective means of communication and collaboration for better decision making and smooth information flow. The challenge provided was to establish a Stateof-the-Art Video Conferencing and IP Telephony Network amongst its 23 sites spread across India. The solution thus provided was Polycomâ&#x20AC;&#x2122;s Audio and Video Conferencing solutions. The ICAR now has Video Conferencing facility between 23 locations across India and is able to seamlessly and instantly collaborate with all the locations. The central site connects to the various different sites utilising Polycom Video end points (VSX 7000s), Audio Conference Units (VTX 1000)and the central controlling unit (MCU MGX 100). All 23 sites also have IP Telephony facilities (IP Phones 7961G). The Call Manager (IP Telephone systems MCS7825) is installed in the NASC Complex office in New Delhi. The back bone connectivity is provided by ERNET through implementation of QoS on the routers because of Real Time Traffic. 34

The result has been a seamless experience for the Council. The system since it became operational, has simplified the mode of communication between all sites across India. Both the above projects were facilitated by Presto Infosolutions Pvt Ltd., a leading Systems Integrator committed to provide quality Collaborative Solutions to customers while helping them achieve competitive gain through the use of this advanced Information Technology tool. Prestoâ&#x20AC;&#x2122;s team of Expert Consultants are on the cusp of emerging technologies that help customers lower overall costs and improve productivity. Through the utilisation of a rigorous methodology, Presto Infosolutions balances the requirement for innovation with the discipline required for superior results. Their competency is in architecting ,training and deploying Video Solutions that consolidates, integrates and automates, management of information, protect and secure mission critical data.

www.egovonline.net

INTERVIEW

www.sbi.co.in

e-Banks: The new Mantra What does e-Governance mean to you? e-Governance is the use of IT to improve the ability of government to address the needs of the society. It includes the publishing of policies and programmes related to information to transact with citizens. It goes beyond provision of online services and covers the uses of IT for strategic planning and reaching development goals of the government to the citizens. It is a prime concern of the government today that the revenue deposited at various branches of banks throughout the country are collected expeditiously and every rupee to be spent on social sector plan schemes reaches the intended beneficiaries directly and promptly. It is, therefore, imperative that the Indian Banking Sector through its network of over 74,000 branches provides efficient and swift Cash Management System and Payment mechanisms to ensure timely availability of the funds to the ultimate beneficiaries.

R P Sinha Deputy Managing Director (IT), State Bank of India

“

Indian Banking Sector through its network of over 74,000 branches provides efﬁcient and swift Cash Management System and Payment mechanisms ensures timely availability of the funds to the ultimate beneﬁciaries”

March 2009

What is the basic mantra of Indian economic development process? Growth with equity is the basic mantra of Indian economic development process. Inclusive growth can be achieved if relatively low income group people in the society can have easy and affordable access to financial products and services. Banks can help bridge this divide by taking technology beyond urban centres to remote areas that are still unbanked and underserviced, by serving as a channel for credit delivery and innovative products to the poor and underprivileged sections of society. With an efficient deployment of technology, banks can step in and provide access to banking facilities viz. opening of no-frill account, money transfer services, payment of bills, etc. They can also provide payment solutions to conduct e-Payments with government Departments using Smart Cards/Credit Cards. In this area, Financial Information Network and Operations Ltd. (FINO) is also rendering laudable service to the rural poor. How has been SBI’s journey so far? State Bank Group today has a network of more than 16,000 branches and more than 10,000 ATMs spread all over the country - and all these touchpoints are interconnected and are all on core banking platform. State Bank of 35

SBI’s e-Governance initiatives • • • • • • • • • • • •

‘Online Tax Accounting System’ (OLTAS) for entire Direct Taxes Collection of the Government of India. 14 Centralised Pension Processing Centres for 2.61 million strong pensioners throughout the country. Refund Banker for Income Tax Refund: Facilitating Income Tax Refunds directly to taxpayer’s account through electronic banking. Citizen Service Centres ‘Jeevan: With the State Government of Delhi- providing everything from Birth Registration to issue of Death Certificates. Akshaya Project of the Kerala State IT Mission: To provide payment gateway for channelising the proceeds of various utility and other payments collection Cyber Treasury Services for tax collection: Presently 14 State Governments have been provided with this facility. This is likely to be extended to all State Governments within a year. AP Online: A kiosk based citizen portal of Government of Andhra Pradesh. MP RTO: A special project of Government of Madhya Pradesh for online collection of all Transport department dues. Online Bus Ticket Booking for Karnataka Road Transport Corporation (KSRTC). e-Freight: Services for Railways. More than 100 large corporates are using our online freight payment services. e-Gram Project of Gujarat Government: Providing e-Governance services in villages of Gujarat. Bhamashah Financial Empowerment Scheme: With Government of Rajasthan- Using biometrically identifiable Smart Cards for upliftment of poor.

India, with its public sector character and behemoth size, has always stood the test of time and responded with speed and agility to the ever increasing requirement of the changing environment. State Bank Group has been the main banking arm of the government with relationship as old as two centuries. We have been pioneer in many IT initiatives of unprecedented scale and complexity and providing several e-Government initiative to state and central government.

the village postman. State Bank Group is the market leader in credit linkage of Self Help Groups (SHGs) with a market share of 43 percent. The Group has successfully met the challenging target of credit linking 1 mio SHGs that has benefited 1.38 crore families. Since e-Governance is administered through the use of IT, the geographical reach of IT and IT enabled services would determine the reach of e-Governance initiatives.

What is the back bone of your IT infrastructure? The backbone of our IT infrastructure is the Leased Line Network “State Bank Connect” the largest among Indian banks. We plan to extend the network, further, to many more touch points by adding many brick & mortar branches as also a large number of ATMs for the year ending March 2010. We faced a lot of bottlenecks in providing connectivity to our branches for implementation of Core Banking Solutions but these impediments in providing leased line connectivity in remote areas were overcome by deploying alternate technologies like VSATs.

Recently, SBI partnered with Goa government’s e-Governance initiative with the launch of Cyber Treasury. What advantage it brings to tax payers? This initiative will enable tax payers to make online payment of taxes of Government of Goa like Value Added Tax (VAT) and Central Sales Tax (CST) to begin with.

What is SBI’s roadmap for e-Governance? Our social commitment, unparalleled reach, diverse customer base and state of the art technology infrastructure have put us in a unique position to take the e-Governance initiatives to every nook and corner of the country. We are deploying technology innovatively to provide financial services at affordable cost to the hitherto unreachable and unbanked or underserved rural poor. We have taken upon ourselves to open smart card based ‘No Frills’ accounts in 1 lac unbanked villages through Point of Sale (POS) instruments handled by the Business Correspondents, under the financial inclusion initiative. Over 1 million ‘No-frills’ (basic) Savings Bank accounts have been opened in the names of beneficiaries into which the government benefits are paid. SBI Tiny Cards (based on Smart Card technology) have been provided to the beneficiaries who can withdraw money by simply swiping their SBI Tiny Card on a hand held device with the Business Facilitator (or Business Correspondent) who could be, say, 36

What are your future plans? Efforts are on to set up a payment gateway to further facilitate collection of government dues. As more and more banks move on to core banking, the government is also working on Core Accounting Solution (CAS) as a centralised solution. CAS is aimed at eliminating paper work at various levels and introducing electronic exchange of information between government departments and banks based on which banks are to process the transactions. CAS aims at setting up a single server for all departments of the union government across the country connected to CBS servers of all transacting banks. This will ensure real time connectivity. CAS integrated with CBS of banks will also help the government in tracking movement of funds. A team of technical officers from SBI is presently working in the office of the CGA for development of the Core Accounting Solution and its integration with our Core Banking Solution. I am extremely positive that we can put in place world-class IT platforms which the government wants, to achieve the highest standards of excellence with data integrity, efficiency and accuracy being the hallmarks. Sandeep Budki sandeep@egovonline.net www.egovonline.net

www.cisco.com

INTERVIEW

Lead a Change

Joan McCalla Distinguished Fellow, Internet Business Solutions Group, Cisco

â&#x20AC;&#x153;

It is only in India that I have seen such a large scale, comprehensive, well thought out, national level plan for harnessing the capabilities of ICT in the area of governanceâ&#x20AC;?

38 }

Before joining Cisco, you worked with the government for a long time. So how do you rate India when it comes to the question of ICT deployment in the government sector? First let me start with the big picture. We have to work in two essential dimensions, first is the area of broad government strategy, that is ICT to support social and economic development, including the important role of ICT in the health and education sectors. The second dimension is more narrow, and is about enabling the transformation of government in terms of improved services, improved efficiency and effectiveness which we traditionally label eGovernance. In India, the government is working in both these dimensions. In terms of e-Governance and the work underway, I do not know of a plan which is larger in terms of scope, scale and vision but at the same time so thoughtful and comprehensive. And I think India is as advanced as any other country in terms of thinking through, end to end, as to what role e-Governance can have in transforming the service provision to the people. Though I do not feel qualified to rank India compared to other countries, I feel India is in early days both in terms of transformation of the government itself as well as in terms of the readiness of the environment which includes the state of automation, capacity, training and skills. The infrastructure piece out of the whole plan has moved ahead of the services and the applications pieces. So now the next obvious step is to work on the services and applications both at the state as well as the national level. It is time to build on the early successes and move very rapidly for which the government is well poised. Another factor is the readiness of the population in terms of access to the infrastructure, access to computers and the Internet, and the readiness to use it; and this I think will come about quickly because there is a no lack of interest regarding this amongst people. I think once the services are available, citizens will be accessing the services of e-Governance. India is also a role model in terms of its role in the BPO and ITES sector. It is only in India that I have seen such a large scale, comprehensive, well thought out, national level plan for harnessing the capabilities of ICT in the area of governance. But yes there are challenges and so it is important to stay focused. www.egovonline.net

Subscribe & be updated about latest scenario in e-Governance, egov magazine presents a ‘value for money’ subscription offer

New Subscription Renewal

Yes, I would like to receive egov magazine for: Subscription INR

Subscription USD

3 years* (36 Issues)

Rs. 2000

250

2 years (24 Issues)

Rs. 1500

150

1 years (12 Issues)

Rs. 900

100

Name ................................................................................... Address.................................................................................. .............................................................................................. City ...................................................................................... State ..................................................................................... Country ................................................................................ Postal Code .......................................................................... e-mail ................................................................................... Phone ...................................................................................

Enclosed is

Cheque

No. : .............................. Drawn on ..................................... Dated ...................... in favour of “CSDMS” payable at Delhi

ov CSDMS G-4, Sector-39, Noida-201 301, India For subscription related queries contact: Tel: +91 120 2502181-85, Fax: +91 120 2500060 Email: lipika@csdms.in

Terms & Conditions: Allow 3-4 weeks time for the delivery of magazine. • Please add Rs. 50 for outstation cheque. • International subscription is inclusive of postal charges. • Publisher will not be responsible for delays or non delivery of the magazine.

Subscription Page

The First Asian Monthly Print Magazine on e-Governance

But unlike the west, in India a standardised e-Governance programme will not fit the needs of all areas, mainly because of the linguistic problems. So what are your comments in this regard? Yes, that is very true; India has many challenges. Also never is it possible to simply replicate the e-Governance plan of some other country and thus accelerate one’s own process of adoption and implementation of e-Governance. But personally I do not think linguistics is such a big problem because content generation in varied languages can be achieved relatively quickly especially in the context of web-content. The bigger challenge is dealing with the cultural differences both in the case of the government departments as well as in the case of clients, so that at the end of the day e-Governance is adopted, implemented and maintained well. To overcome this challenge, leadership in terms of keenness and the initiative of the government officials and political leaders towards making e-Governance a reality is especially important. Moreover the participation of the clients/ endusers is very important as happened in the case of the MCA21 project, and is one the important reasons for its success. How difficult has it been in other countries like Canada, America when they started thinking about e-Governance? It is always very hard. When I was director of the development of Ontario’s first enterprise-wide information- technology strategy, we got it approved and funded by our Cabinet in 1998 as a three year strategy which we thought would be achievable within the time-line. But it is ten years later that the vision we had thought of then has been achieved. Part of it was the usual over-optimism and yes, there were challenges. One was the challenge that the year 2000 threw before us, but a large part of it was the need to take incremental steps rather than taking one big step. For India the biggest challenges are scope, size and scale. The projects need to be broken down into manageable chunks so that implementation proceeds in incremental steps rather than attempting one giant step. Another need for India is to take client-feedback into consideration in setting priorities and redesigning program delivery. Another area where some developments, though only babysteps, are being taken by some governments especially in Europe, the U.K., U.S.,Australia, and New Zealand is the area of web 2.0. This recognizes that Internet-based technology allows for two-way participation and collaboration within and across governments and with citizens. It is an entirely new avenue in terms of thinking about service delivery, policy and the public-sector role. Through Web 2.0 technologies, one of the most important dimensions that is emerging is the role of public feedback and participation in service improvement. There are other interesting models as well, like that of the U.K. government which has established a task force called the ‘Power of Information’. It is looking towards an entire paradigm change by putting much more information in the public domain in usable forms for anyone to use. There are these ranking that are given every year in the sphere of e-Readiness and e-Governance. But in these rankings generally the placing of the various countries 40

are fixed like U.S. and Canada at the top, Singapore, Switzerland in the middle rungs but countries which are always ranked below fifteen generally have a bad time? So what is your comment on this? We all look at these rankings as an interesting and useful tool which indicates how various countries are faring. But at the same time these rankings must be looked at and used with a lot of caution. First of all, there is a bar to these rankings which keeps changing every year. Secondly, one needs to look into the criteria that go into your assessment because these also keep changing. Moreover, one also needs to keep in mind what they are measuring and how relevant is the thing being measured in context of your own goals. What one needs to be most mindful about is what each government aims to achieve, what measures relate to those goals, and is that measurement happening. In the case of India and other countries, what is important is that they measure their own progress against their specific goals and in relation to their own unique context. Besides that, yes international rankings are important as one more way of knowing how you are doing but only when you are well aware of the underlying criteria of measurement. because I think it could be very risky to draw quick conclusions based on these rankings. This idea of yours to ‘lead a change’ through the Internet Business Solutions Group is very innovative and educative. So what are your near future plans for India? The Internet Business Solutions Group works with governments around the world to understand their goals and provide strategic advice to help them achieve those goals based on trends, best practices, and experience from other jurisdictions. In India, we have had discussions with the Department of Information Technology (DIT) in its role as leading change in the area of e-Governance. I think there is a great opportunity to focus on some the Mission Mode Projects that will be designing the services and applications that will be using the infrastructure. There is an opportunity, for example, to help accelerate these initiatives based on the experience of how these transformations have happened in other jurisdictions. Another way we can help provide leadership for change is to use our convening power to bring together key stakeholders in the central and state governments to address implementation issues and challenges through facilitated workshops. In your conversations with government what did you find to be most striking especially regarding this entire issue of bringing about change? I think the most striking thing with everyone I meet in the government is the high level of commitment. It is a very ambitious, impressive plan and has come a long way. Although much has been already implemented, the next steps will be focused on services and applications as this is where the client impact will be happening, and that is going to be very challenging. My role to date with DIT has been to advise on putting the right pieces in place and I look forward to contributing in any way I can in the next steps to accelerate the implementation process. Ravi Gupta & Sandeep Budki sandeep@egovonline.net

www.egovonline.net

NEWS & VIEWS by laws such as Sarbannes-Oxley (SOX), PCI-DSS, HIPAA, GLBA and more. All these regulations require detailed reporting and an audit trail to show that you have indeed complied with the letter of the law. India’s current IT Act doesn’t have the scope and vision to ensure a granular degree of control over electronic data covering various industries. Complying with these and other regulations is often complicated, time-consuming, and costly. Cyberoam helps to minimise these headaches by providing the consolidation of all required perimeter security tools into one uniﬁed platform to protect the network and guarantee the integrity of data.

NATIONAL In Orissa NREGA Payments Through Smart Card Under the National Rural Employment Guarantee Act (NREGA) around 2,000 workers in Orissa have been collecting their wages from their local post offices using smart cards in the past two months. Launched on December 1, 2008 at Baunspal in Orissa’s Dhenkanal district, the project piloted by the Department of Posts, with the active involvement of Minister of State for Communications and Information Technology Jyotiraditya Scindia, will very soon cover around 25 villages and service 6,000 workers under NREGA. The number of accounts opened under NREGA with post offices has already crossed the two crore mark. As on December 31, 2008, post offices across the country had disbursed INR 3,422 crore under NREGA.

e-Auction of Tea Failed to Take-off in Kolkata Kolkata’s project on e-auction of tea has failed to take-off due technical glitches, lack of space and difﬁculty in allowing proxy bidders. The e-auction of tea in Kolkata which was to start from January 27, 2009, was carried out but only manually on January 27 and 28, 2009. This new e-auction system, an INR 18-crore project, has been redesigned by the National Stock Exchange’s IT department. According to tea traders, the major bottleneck in the e-auction of tea is that it would not only translate into an escalation of costs but the process would also become slower than the manual auctions.

Digvijaysinh Chudasama Vice President-Sales Cyberoam, India

“

There is an urgent need to redefine the concept of national security secrets and moving beyond protection of the defense industry and public sector” What do you feel about IT security compliance in India? In the US, securing your network against attacks is not only good practice but is also mandated

e-Procurement For Railways The e-procurement system of the railways was inaugurated recently. The e-procurement platform to East Coast Railway (ECoR) has been provided by Centre for Railway Information System (CRIS). The east coast railway stores department purchases around INR 750 crore materials every year. The new system will bring in beneﬁts in terms of cost savings due to improved competition, improved internal efﬁciency, the procurement cycle will be further compressed by around 30 days.

First e-Court of India launched The ﬁrst model e-Court in the country has been launched by the Gujarat High Court recently. It has started functioning on a pilot basis at the Ahmedabad City Civil and Sessions Court, providing tamper proof authentic audio-video recording of proceedings with multi-point video conferencing facilities linking the courtroom, central jail, the police commissioner’s ofﬁce and the Forensic Science Laboratory. The under-trials lodged in the central jail could be virtually presented before the court through video conferencing. This project is an initiative of the central government and was set up with technical support from the Technology, Information, Forecasting and Assessment Council (TIFAC), the Centre for Advanced Computing and National Informatics Centre.

42 }

What are international IT security trends that can be readily adopted in India and will it make a difference? The nature of worldwide data, information pilferage and economic intelligence gathering through the use of Internet has redeﬁned security needs and strategies to combat growing threats. In one recent case, a company, a major player in power and utilities, was sabotaged and its critical information assets compromised by its very own security vendor - a foreign security company - something that highlights the vulnerability of networks, especially those of a nation whose information security needs are manifold. There is an urgent need to redeﬁne the

Events Watch 3-4 March, 2009 6th Annual Enterprise Security Asia Conference 2009 Kuala Lumpur, Malaysia http://www.acnergy.com/EntSec2009. htm ..................................................... 12-13 March, 2009 1st International Conference on eGovernment & eGovernance, Ankara, Turkey http://www.icegov.info/ ..................................................... 17-19 March, 2009 International Exhibition & Conference on Homeland Security, Singapore http://www.globalsecasia.com ..................................................... 18-20 March, 2009 17th Convergence India 2009 New Delhi, India http://www.convergenceindia.org ..................................................... 27-29 March, 2009 International Conference on Information and Communication Technologies (ICICT) Hong Kong, China http://www.waset.org/wcset09/ hongkong/icict/

3-5 April, 2009 International Conference on Information Management and Engineering (ICIME 2009) Kuala Lumpur, Malaysia http://www.icime.org ..................................................... 07-10 April, 2009 Forum on next Generation Network Standardisation Colombo, Sri Lanka http://www.cto.int/ngn/09 17-19 April, 2009 IEEE/ACM International Conference on Information and Communication Technologies and Development (ICTD) 2009 Doha, Qatar http://www.ictd2009.org ..................................................... 22-24 April, 2009 IDMA World Asia 2009 Singapore http://www.the-infoshop.com/ conference/idma09/ ..................................................... 27-28 April, 2009 Government Technologies Conference & Expo Toronto

Canada http://gov.wowgao.com ..................................................... 7-9 May, 2009 2nd International Conference on Information and Communication Technologies and Accessibility Hammamet Tunisia http://www.icta.rnu.tn ..................................................... 23-27 May, 2009 15th GCC eGovernment and eServices Forum Dubai, UAE http://www.datamatixgroup.com/ conferences/profile.asp?id=457 ..................................................... 24-28 May, 2009 The Fourth International Conference on Internet and Web Applications and Services (ICIW) Venice, Italy http://www.iaria.org/conferences2009/ ICIW09.html ..................................................... 31 May - 4 June, 2009 6th Annual European Semantic Web Conference Heraklion, Greece http://www.eswc2009.org

www.egovonline.net

NEWS & VIEWS concept of national security secrets and moving beyond protection of the defense industry and public sector to include even the entire private sector through compliance regulation. Setting up a Central Nodal Agency and Accreditation for Cyber-Security Solutions along the lines of. National Security Agency in USA and other Approval and Certiﬁcation bodies for Security Solutions is crucial. It should be made mandatory for security product to be indigenous, especially in importantly identiﬁed centres like HQ and R&D in India The need to choose deployment of security solution that integrates identity of a user as important criteria in providing protection. How are you addressing the security landscape of the country? Cyberoam is an Identity-based UTM appliance that takes security to a level closer to human intelligence by weaving identity controls in its features that can trace user movement in the network, not only till the IP address of a machine which is the traditional approach in the industry but till the actual user itself. This gives a completely transparent view over the network as to ‘who is doing what’ in the network. It, thus, gives an unprecedented degree of control over the users and enables taking both preventive and remedial actions in real time for achieving one of the most comprehensive protections possible, against internal and user-targeted threats.

Currently, what are the products that you are offering to the government vertical? With the rise in e-Governance across India and the establishment of State Data Centres that meet the information requirements of the citizens, threats to the government vertical has risen manifold. With the arrival of the e-Governance era, information like taxation, land records and more while available easily and readily to the citizens stands vulnerable to attackers. Securing the data centres and other repositories of information, thus preventing conﬁdential data leakage, controlling access to inappropriate sites, complete visibility into the network so as to know who is doing what in it, and monitoring and control of user behavior hold the key to future security. Cyberoam is a unique security solution that fulﬁlls these security needs with a unique and highly granular approach through its identity-based technology. Are you in discussion with any state government for offering your solutions Yes, Cyberoam is in discussion with certain government institutions for securing their huge and heterogeneous networks and data centres. More over, Cyberoam is already securing many government networks with critical data and information assets.

Sandeep Budki sandeep@egovonline.net

Executive Movements A K Goyal is the new Joint Secretary in the Ministry of Home Affairs. He is 1977 batch CSS officer. Amit Mohan Prasad is the new Joint Secretary in the same Ministry of Health and Family Welfare. He was a Director in the same ministry. He is an IAS officer of the 1989 batch of the Uttar Pradesh cadre. A S Murthy is the new Chief Executive Officer (CEO) of Satyam Computers Ltd. Murty was working with Satyam for the last 15 years. He was heading the company’s global delivery unit. He will assume charge as CEO with immediate effect. He will replace the current CEO – Rama Raju. Balkrishna Shetty has been given the additional charge as the Ambassador of India to the Republic of Latvia with residence in Stockholm (Sweden). He is currently Ambassador of India to Sweden. BK Dey has joined in the Government of India as Secretary Security. He has taken charge on February 11, 2009. He belongs to the 1973 batch IPS officer of the Assam-Meghalaya cadre. He has succeeded KC Verma. Gauri Shankar Gupta has been appointed as the next Ambassador of India to Hungary. He was working in the capacity Joint Secretary at Headquarters. He has succeeded Ranjit Rae. Marten Pieters is going to be new Chief Executive Officer of Vodafone Essar. He was earlier CEO of Celtel International BV. Renuka Kumar is the new Joint Secretary in the Department of Corporate Affairs, GoI. She is a 1987 batch IAS officer of Uttar Pradesh cadre. Saurabh Chandra is joining the Government of India as Additional Secretary and FA in the Department of Industrial Policy and Promotion. He is 1978 batch IAS officer of Uttar Pradesh cadre. Shyam Agrawal has been appointed as the new Joint Secretary Commerce, GoI. He was earlier the DG Foreign Trade(DGFT). He is an IAS officer of the 1980 batch of the Rajasthan cadre. S S Khurana is the new Chairman of Railway Board. He will be replacing K C Jena. Yang Yuanqing is the new Chief Executive Officer (CEO) of Lenovo Group Ltd. He will replace the current CEO - William Amelio.

March 2009

NATIONAL Railways Processes 3,712 tenders in 5 months The e-Procurement system of the Indian Railways has processed over 3,712 e-Tenders in the last ﬁve months. This Railways’ e-Procurement website launched around August-September 2008, has over 1,737 e-Tenders which are currently uploaded (yet to be opened), 1,778 e-Tenders have already been opened and over 197 purchase orders have been issued in last ﬁve-six months. Over 1,800 vendors, who are (potential) suppliers, have registered themselves on the website. Indian Railways procures goods valued at about INR 16,500 crore annually and this excludes procurement of another INR 5,000-odd crore.

Single UID for all Indians by Early 2010 An Empowered Group of Ministers (EGOM) headed by the External Affairs Minister, Pranab Mukherji has approved the establishment of a Unique Identity Authority for all residents of the country. The UID Authority will be set up under the Planning Commission. This UID Authority will formulate a detailed proposal covering the full cost of implementation and for the full contingent of staff needed and place it before the Cabinet for its approval. The UID is expected to become available by early 2010.

ICT Makes Crime Records Available at your Fingertips Delhi Police has come up with a high-tech way to keep a tab on criminals. Delhi Police is in process of installing 171 Automated Fingerprint and Palmprint Identiﬁcation Systems (AFPIS) in all police stations in the Capital as well as in other important places including the ﬁve district courts and 11 district headquarters. The system, a web-based software running on Linux, will enable cops to access existing police records to instantly identify an arrested accused. Biometric system providers are of the view that a complete AFPIS unit will cost around INR 20 lakh while a basic unit will come for around INR 10 lakh.

e-Governance Adoption by GUVNL Gujarat Urja Vikas Nigam Limited (GUVNL) is fast adopting the IT solutions software towards becoming e-Governed. This software will increase GUVNL’s operational efﬁciency, transparency, and improve its customer service. This e-Urja project is an integrated solution and aims to share a centralised database with all users. The project is being implemented by GUVNL and all its subsidiary companies Gujarat State Electricity Corporation Limited, the Gujarat Energy Transmission Corporation Limited and four distribution companies. With this software in place human resources, payrolls, e-Procurement, accounting, budget, and other departments will all be served by the same database through a single entry point. The project will also eliminate corruption to a large extent as every applicant will have a unique login Id.

NEWS & VIEWS How does India fare in EIU IT Competitiveness Index? India ranks 48th in the world in the 2008 IT industry competitiveness index, moving 2 places from its 2007 ranking of 46 in the index. India has an overall score of 28.9 on the IT competitiveness index. While being rated ahead of China, the ﬁndings of the study reveal that India has performed quite well in business environment and support for IT industry development, but needed to improve in areas such as IT infrastructure and research and development.

NATIONAL Centralised IT Processing Centre in Bangalore The Union Cabinet has decided to set up a centralised processing centre for IT (Income Tax) returns at Bangalore at the cost of INR 255 crore as part of an exercise to quicken the processing of IT returns. To start with, the Centre will focus on processing all electronically filed returns from across the country, and paper returns filed in Karnataka. Subsequently, its operations will be expanded gradually to cover paper returns filed in other states as well. The aim was to ensure that high skilled manpower of the IT department now deployed for processing the returns was utilised better in terms of pursuing cross verification of actionable information. The department would exercise full control over the process to ensure that the privacy and security of the taxpayers data were not compromised in any manner.

Under RTI Act Info Provided Through Website Not Enough The Central Information Commission has issued directives that Posting information on Government websites may not be enough under the Right to Information (RTI) Act. In addition to making the information available online public authorities need to make available printed or CD copies of information to RTI applicants even if the same data is available online. This decision was reached in the process of responding to an appeal ﬁled by Chandigarh resident Harish Kochhar against the Central Board of Secondary Education (CBSE), which repeatedly referred him to its ofﬁcial website in answer to his RTI queries.

Lizum Mishra India Director Business Software Alliance India

“

Software Asset Management is a holistic standardised process which helps companies remain compliant, reduce costs, become more efficient and have greater control on security related issues within an organisation”

Goa Launches Payment of Taxes via Internet Goa’s chief minister Digambar Kamat formally inaugurated Goa’s Cyber Treasury scheme at the second day of the 12th national conference on e-governance which began at a South Goa resort on 12th February 2009. This cyber treasury scheme will facilitate online payment of taxes through the Goa portal, both for commercial establishments and for individuals.

Govt to Invest INR 20,175 Crore in e-Governance Projects Centre has decided to invest INR 20,175 crore for as many as 27 projects under its National e-Governance Plan (NeGP) in the next four years. Department of administrative reforms and public grievances and Department of Information Technology jointly formulated this programme. While 16 projects worth INR 10,622 crore have already got the Cabinet’s approval, the remaining ones will be unveiled in due course by taking state governments on board. The services would be delivered in a phased manner through the satellite-based State Wide Area Network (SWAN) in all states and Union Territories (UTs) in the country.

44 }

Brieﬂy explain BSA’s initiative in corporate governance through the SAM campaign with the government of Karnataka. Business Software Alliance is the foremost organisation dedicated to promoting a safe and legal digital world. It has a presence in 80 countries worldwide is the voice of the world’s commercial software industry and its hardware partners before governments and in the international marketplace. BSA educates consumers on software management and copyright protection, cyber security, trade, e-Commerce and other Internet related issues. The “Karnataka-A Leader in Software Asset Management” campaign launched by BSA in partnership with the Center of e-Governance, Government of Karnataka is to recognise Karnataka based small and medium companies as Leaders in “Software Asset Management (SAM)” and promote the importance of “Corporate Governance” and “Intellectual Property Rights” in the state.

What are the factors that can enable Indian competitiveness in IT security segment? Information Technology security is no more a mere legal requirement but it is fast becoming a factor for companies to compete on and grow businesses. A “secure and reliable” environment-defined by strong copyright, IT and cyber laws-is an imperative for the growth and future success of the IT Industry. Indian IT companies today adhere to international best practices-they are regularly audited by independent certified auditors, comply with international standards at the highest levels, update procedures and practices regularly and meet-if not exceed the worldwide information security standards to ensure that data and personal information of international customers is adequately protected. Similarly, another critical aspect of IT Governance in today’s day and age includes managing software as an asset. SAM or Software Asset Management is a holistic standardised process which helps companies remain compliant, reduce costs, become more efficient and have greater control on security related issues within an organisation. What are the steps that government can take to reduce software piracy? The government plays an instrumental role to curb the growing menace of piracy in India. It needs to seriously work for the IP cause and can look at options like setting up of specialised courts to address IP issues on a large scale. Dealing with piracy requires a concerted effort by government, in partnership with industry, to provide strong legal remedies against software piracy, an efficient and effective enforcement system that provides deterrence, and regular and widespread public awareness campaigns on the why respect for intellectual property is important. There is no shortcut.

Tannu Singh tannu@egovonline.net

www.egovonline.net

NEWS & VIEWS NATIONAL Blueline Havoc to be Tamed Using GPS According to Delhi High Court the Global Positioning System (GPS) tracking system ﬁtted in the bus is the solution to the menace created by the Blueline buses. It will help keep tabs on speeding buses to penalise them as well as monitor their adherence to a timetable. Authorities can also check the exact location of every bus in real time. Infact the court had asked to procure this GPS system way back in October 2007, but delay has been caused because the contractor to whom the tender was awarded has backed out and the process has to be initiated all over again.

Computing Solutions in 12 Indian languages The Union Minister for Communications and Information Technology, A Raja inaugurating the upgraded e-Governance Centre of the Department of Information Technology, in New Delhi.

Centre of e-Governance opens in DIT A Centre of e-Governance (CeG) has come up in capital New Delhi to disseminate awareness about e-Governance initiatives in the country. The upgraded centre was opened by the Minister for Communications & Information Technology, Thiru A. Raja in the premises of the Department of Information Technology, the Electronic Niketan. Minister of State for Communications & IT, Jyotiraditya M. Scindia was also present on the occasion. The CeG enhancement plan is a part of the “Awareness and Communication “ activity under NeGP and seeks to bring the achievements under NeGP under one umbrella for the information of citizens. The Centre will provide the visitor an opportunity to experience different e-services as well as digitally record his / her impressions of the CeG. Raja informed that out of the projected outlay of Rs 20,175 Crore for the proposed 27 Mission Mode Projects (MMPs) under the National e-Governance Programme (NeGP), Rs 10,622 Crore has already been sanctioned for 16 MMPs. Scindia announced that the Centre will provide easy access to visitors. The Centre of e-Governance provides a platform for wider dissemination of awareness regarding successful e-Governance initiatives in the country as well as the roadmap for implementation of e-Governance. CeG will also undertake hosting of important Seminars/ Conferences and other similar awareness programmes to reach out to the common man. The CeG showcases applications, demonstrations and presentations that reﬂect the progress achieved in the implementation and usage of e-Governance. It covers successful

March 2009

and high impact e-Gov applications and content based on improved citizen service delivery, innovativeness, cost effectiveness and overall impact in fulﬁlling developmental objectives of the government. Also displayed are various social sector initiatives relating to health and education. Aesthetically designed with hi-tech display systems and visitorfriendly functionality with kiosks that offer demonstration of e-services to the cognoscenti as well as the curious citizen, the Ce-G represents the promise of making technology relevant to the ‘common man’. State-of-the-Art display formats, Internetenabled conference areas, arrangements for an extensive digital library, spruced-up video conferencing facilities as well as a conference hall are some of the impressive features. Bilingual messages and simple bench-type seating seeks to reassure the rural visitors when they view ﬁlms on a large video wall. Common citizens, students, policymakers, strategists, experts, and media persons from all over the world frequent the Centre for e-Governance to learn and to share experiences and insights on e-Governance. The redesigned and refurbished CeG is expected to gain the stature of a global reference point and will serve the twin purposes of educating and awareness building. The Centre will promote and demonstrate e-Governance concepts, showcase the achievements and build a world-class repository and knowledge system for e-Governance. While advances in technology appear exciting, they become relevant to e-Governance only after they pass the test of mass applicability.

Microsoft company showcased for the first time its beta version of Windows 7 in Hindi, a step aimed towards enabling Indian users to compute using various Indian languages. The company launched its Language Interface Packs (LIPs) in twelve Indian languages for use in the Windows environment and Microsoft Office. The company has also made available for free download, forty-five virtual keyboards for use in these twelve languages. Windows 7 is being promoted as the precursor to the new operating system that Microsoft is developing as a replacement for Windows Vista. Microsoft’s suite of web-based applications, Windows Live, will also be available in seven Indian languages.

24X7 call centre on RTI in Jammu Kashmir Omar Abdullah’s new government in Jammu and Kashmir (J&K) has promised within the arena of e-Governance to provide for a legislation to strengthen the Right to Information (RTI) Act in the state. A call centre towards the same is being planned. At the planned call-centre twenty executives will handle calls and complaints from the public. This call centre will report directly to the chief minister. There will also be dedicated phone lines where complaints will be received through phone, text messages as well as in person.

m-Governance Adopted by Traffic Police in Kerala Under the pilot project launched by Kerala Government, 38 traffic rule offenders landed in police net after the city police have started using the Blackberry mobile phones. Three complimentary Blackberry handsets had been handed over to the police personnel recently. Complete information about the vehicle and its owner can be instantly accessed by policemen using these mobile phones. These phones will be connected through a network with the database of the motor vehicle department The new technology could be extended to other parts of the state with some modifications. The technology had been specially developed by mobile service provider Vodafone (Kerala) with the assistance of the C-DAC.

NEWS & VIEWS NATIONAL High-Security Number Plates to be Adopted by UP Uttar Pradesh (UP) government has invited global tenders for implementing the highsecurity number plate scheme for motor vehicles in the state. This step has come about in the wake of Cabinet’s approval for implementing this high-security number plate scheme for motor vehicles in the state through public-private partnership. It had also arranged a pre-bid conference of manufacturers and vendors on February, 2009 in Lucknow. With the total volume of work estimated to be close to INR 600 crore, the scheme is likely to see most of the 18-odd players, who have been approved by the Centre.

4937 Village Kiosks for West Bengal Dax Networks has executed an e-Governance project in West Bengal (WB) for Srei Infrastructure Finance Ltd. In this project, Dax has networked 4937 village kiosks in West Bengal through its partner. This project comes under the purview of Srei Sahaj e-Village Ltd, a subsidiary of Srei Infrastructure Finance Ltd. In line with the National e-Governance Plan (NeGP), Srei Sahaj e-Village is setting up over 20,000 Common Service Centres (CSCs) across the country, to bridge the digital divide between rural and urban India. Besides West Bengal, Srei Sahaj e-Village is also planning to set up CSCs in Bihar, Uttar Pradesh, Tamil Nadu and Assam.

Bartronics to Help Establish 2000 Kiosks in Delhi Bartronics India Limited, has bagged “Aapke Dwar”, a prestigious project of Delhi Municipal Corporation to set up 2000 Government to Citizen (G2C) kiosks in the municipal limits of the national capital. The project, to be operated on built-operate-transfer model is for a period of nine years. The company estimates that the revenues from the project would be in excess of INR 5000 crores over the nine-year period considering the existing revenue models. This infrastructure is particularly important from the point of view that the city of Delhi will be hosting the Commonwealth Games in 2010. It is estimated that the project will generate a minimum of 6000 jobs to the local populace.

Jharkhand Plans the Biggest Renewable Power Project The Jharkhand Renewable Energy Development Agency (JREDA) is launching the biggest biomass-generated power project in the country in 2009-10, which will provide electricity to around five lakh poor households in the state at an affordable price. To start with, around 100 power units dependent on biomass will come up in five to six districts of Jharkhand. Each unit will generate 100 kw, sufficient to lit around 5,000 households in a cluster of villages. Four districts-Pakur, Chatra, Latehar and Gumla- are planned to be covered under the project by JREDA. Each of the units will cost between INR 90 lakh and INR 1 crore.

46 }

Rajiv Chaddha Vice President-Sales VeriSign, India

“

Over the last several years, phishing, and subsequent identity theft, is proving to be one of the biggest threats plaguing the Indian internet space” What do you feel about the current security scenario in India? Indian enterprises today are in the process of either establishing or reinforcing their security architecture. The increasing usage of IT, especially for online transactions by banks and other financial institutions has given a boost to the demand for security solutions. A sizeable population of the corporate world has presence on several of the emergent networking sites and forums; which has created possibilities of critical enterprise data being compromised. Over the last several years, phishing, and subsequent identity theft, is proving to be one of the biggest threats plaguing the Indian Internet space. Enterprises are now seeing the real potential of security solutions and infrastructure and they are moving towards leveraging them to accelerate business productivity. With the Government of India taking major initiatives to make the country e-Ready by initiating various e-Governance implementations there is an increasing need to create trust by educating the transacting parties about the confidentiality and integrity of their messages. This requires identification and authentication of transacting parties. Digital signature has still to gain popularity in government vertical in India. What are the reasons for it? The main challenge to digital signatures gaining popularity in the government vertical

is the relative lack of education and awareness about digital signatures and its advantages. However, the awareness is increasing rapidly among business users and government officials as the Controller of Certifying Authorities (CCA) is working hard to educate people about the applications and benefits of digital signatures. Though deployments in the government sector have been less in the last two to three years; many government departments have now begun taking interest in digital signatures as part of their e-Governance initiative. After NIC has become a nodal agency, the government departments have started trying digital signatures in areas like tenders, data, e-Procurement and many other applications. Digital signatures provide a secure environment by assuring the parties involved in the transaction that their information is confidential and ensuring the identification and authentication of the transacting parties, so that they cannot repudiate the transaction at a later date. Currently what is happening in Physical Security devices segment in India? The proliferation of the Internet and new e-Business practices are posing challenges in managing security, access and delivery across Indian enterprises. Organisations are therefore compelled to protect themselves from both internal and external threats and security attacks. Across the banking & finance (BFSI), telecommunications, pharmaceutical, manufacturing and hi-tech IT manufacturing industries, information needs to be secured and access limited to the authorised parties. This calls for a combination of online security solutions and physical security devices/ tokens. VeriSign understands the security needs of an Indian enterprise and its key offerings in the physical security market include Public Key Infrastructure (PKI) and One-Time Password (OTP) solutions. Currently in Government vertical where all are you offering services and what is the USP of those products VeriSign’s digital signatures + authentication solutions provide for easy and secure access of documents. In the Indian Government and public sector domain, some of the areas where VeriSign sees immense potential for Digital signature solutions are data management , still to be introduced citizen identity cards and income tax departments initiative for filing of returns online.

Nilakshi Barooah nilakshi@egovonline.net

www.egovonline.net

NEWS & VIEWS

Benhur Mesﬁn Director Wirlese Brodband Asia Paciﬁc Enterprise Mobility Government and Public Safety, Motorola Electronics, India

“

The increased threat highlighted by the attacks in New York City, Barcelona, London, Mumbai and Delhi, to name a few, is considered by many as one of the drivers for significant growth in the wide spread deployment of digital video surveillance system around the world”

What do you feel about the current security scenario in India? Motorola has the expertise to design bestin-class solutions for public safety agencies and has been active in this space for decades. It is this experience and the expertise which we are offering to this critical India market. What are the international security trends in video surveillance? The increased threat highlighted by the attacks in New York City, Barcelona, London, Mumbai and Delhi, to name a few, is considered by many as one of the drivers for signiﬁcant growth in the wide spread deployment of digital video surveillance system around the world to cover large parts of cities and open spaces as well as the traditional domain of CCTV for indoor (closed space surveillance) and what is emerging as trends in these deployments are: Use of digital cameras using IP (internet • protocol) for communication is being networked together like an IT network. The video surveillance network resembles an IT network, with servers and computing devices; In this case it will be with servers

March 2009

and cameras as the devices for image capture-instead of computing devices. • The growing sophistication of digital cameras that not only capture image but also can provide a limited amount of analytics capability. • The wide spread use of video analytics software offer basic video analysis and advanced features, such as intrusion detection, people counting, vehicle recognition, queue management and facial recognition. These systems can then be integrated to an overall security apparatus, with data bases of people names, vehicle license plate numbers, photo IDs and can be used to trigger various actions (alarms, notifications, warnings, access control, etc.) based on predefined policies and operational procedures. The other trends we see are the increased use of fixed broadband wireless networks to deploy large scale outdoor video surveillance systems. What are the unique products that are offered by your company in the security arena? Motorola’s Government and Public Safety business unit has been providing mission critical communication solutions for public safety and security agencies around the world for over 60 years. We are the leading supplier of these wireless voice and data communications systems to all major public safety agencies in India, across Asia and the World. These digital wireless communication systems set the standard for reliability, robustness, and features. These systems have become the bench mark against which all other systems are measured against. In addition to these solutions we also offer a wide range of broadband wireless systems for fixed and mobile applications that provide robust, reliable and secure communication links covering a small area to nation wide deployment. Currently in Government vertical where all are you offering services and what is the USP of those products. In the Government vertical Motorola is offering mission and business critical communication systems to all the major police forces in India, Airports -Delhi, Bangalore and Hyderabad International Airports; Delhi Metro and in Asia almost every major public security agency; across the world over 50 Metro lines, and over 35 long haul rail systems, major sea ports, airports and utilities.

Sandeep Budki sandeep@egovonline.net

INTERNATIONAL UAE to Promote ID Cards For Better e-Governance Adoption United Arab Emirates (UAE) is banking on the successful introduction of its national identity card (ID) programme for its wider social, economic and infrastructure development. Thus early implementation of the programme is being attempted at to help achieve full e-governance, with all government transactions being carried out electronically. This announcement was made at the two-day Citizen ID Forum organised by the ID World International Congress in Abu Dhabi.

ICT For Rural Folks Introduced in Malaysia A pilot project known as InfoSTI@MOSTI by the Ministry of Science, Technology and Innovation within hi-ﬁ wireless service, computer training and cyber-net browsing are available for free, is aiming towards changing the mindset of rural people in Malaysia. The project is to support the national aspiration to build an informed society by encouraging the use of science, technology and innovation (STI) to improve the life of the people especially in rural areas. InfoSTI@MOSTI is different from other services in the fact that apart from providing the above services, it also provides teleconferencing where important policy statements, international conferences, seminars or meetings are also available for them. All ICT trainings, including Agribazaar, a website for agriculture, Network and PC, Cyber Safety, e-Government, Microsoft Ofﬁce, Internet knowledge, Teleworking Centre, Community Projects and Cyber Development Corps are given free and anyone with any age group can register at the centre.

U.S. Government Travel Reservation Site Hacked A United States (U.S.) Government travel reservations website (GovTrip.com) used by several federal agencies was hacked recently such that it shunted unsuspecting users to a malicious domain. GovTrip.com is still ofﬂine after the attack. GovTrip is used by several U S government agencies, including the Enviromental Protection Agency (EPA) and the departments of Energy, Health and Human Services, the Interior, Transportation, and the Treasury, to make travel reservations, as well as to reimburse workers for travel expenses. The site is operated by defense contractor Northrop Grumman Corp. from an ofﬁce in Northern Virginia. In the recent past, for instance, the Federal Aviation Administration acknowledged that hackers had broken into its network and may have stolen medical records of some 45,000 current and former employees.

NEWS & VIEWS

based Cameras and a very robust architecture along with the state of the art equipment with a three level fall back system in case of any kind of disaster.

Amit Dudeja DGM Tolling Operations Delhi Gurgaon Expressway

“

We are using RFID and DSRC range of readers for the free movement of the traffic at the Toll Plaza”

How has ICT in your view, helped in securing the toll tax both in terms of data security as well physical security? Information and Communication Technology is the key driver in the whole setup. Each and every transaction or event happening in the Toll Plaza is being monitored and recorded electronically which is supported with Incident

What are the technologies you are using for different aspects of security? We are using Radio Frequency Identification (RFID) and Dedicated Short-Range Communications (DSRC - subset of RFID) range of readers for the free movement of the traffic at the Toll Plaza. This is again the first ever technology used in the field of Intelligent Transportation System (ITS) installed in India. How many people are using the smart cards? What is your view about the efficiency and usability of these smart cards? Close to 80,000 users are using the DSRC and RFID based solutions for a quick and a smooth passage at the Toll Plaza. In our view, this is the best suited technology available to cater to the Indian driving patterns and we are getting almost 99.8% accuracy in vehicle detection and safe clearance from the Toll Plaza. What are the systems you have in place to ensure data security? Our system is designed by Kapsch which is again a market leader in Toll Technologies

and has catered for in built data redundancy at three levels, which means that in ‘no case’ we can ever loose any kind of customer information from our database. Over and above this our Backup Policies are streamlined and time tested with various mock drills. How are you addressing the capacity-building issue of training the required staff? We have an in-house team of experienced professionals in the similar ﬁeld who have been trained by trained professionals from Kapsch, which now serves as a core team for further trainings of the new staff. What systems do you have in place to handle emergency situations? In case of any breakdown in the service by means of any lane closure or database failure, we can still process the transactions through the lanes which keep piling up in the lane computer and as soon as the communications are restored the situation gets back to normal without even customer knowing about it. For addressing the issue of scalability, are your security systems up-gradable? Our security systems are policy driven at the corporate level so scalability is never an issue.

Tannu Singh tannu@egovonline.net

PC sales in the first-half of 2008-09 cross 3.69 million units MAIT, the apex body representing India’s IT hardware, training and R&D services sectors, recently announced the findings of its Industry Performance Review for the first-half of financial year 2008-09. The total PC sales between April and September 2008, with desktop computers and notebooks taken together, were 3.69 million (36.9 lakh) units, registering a growth of 12 per cent over the same period last fiscal. The sales of desktops stood at 2.91 million (29.1 lakh) units registering a growth of 12%. Notebooks recorded a consumption of 0.77 million (7.7 lakh) units growing 13% over the same period last year. Given the current macroeconomic conditions and conservative buying sentiment in the market, PC sales are expected to remain at the same levels as in the last fiscal at 7.3 million (73 lakh) units. Commenting on the findings of the study, MAIT Executive Director, Vinnie Mehta said,“Consumption in the large and medium enterprises has helped sustain the PC market in India, especially for the desktops, in the first half of 2008-09. The desktop sales which had flattened out in the fiscal 2007-08 recorded positive growth.” MAIT President, Mr S S Raman said:,“It should be made mandatory for nationalised and PSU banks to earmark funds for easy and subsidised loans for purchase of IT products and solutions for the

SMEs and the home consumers, especially for education. Similarly, Governments - Central and State should extend interest free loans to all their employees for purchase of IT products. Further, as several e-governance projects are being rolled out, these need to be replicated across all the states in the country and completed at an accelerated pace. Providing for local-language interface will be critical for the success of such projects, especially those aimed at Government-citizen interface.” Commenting on the current and the future market and technology trends in India, MAIT Vice-President, Mr Ravi Swaminathan said: “Government and the Public sector spending is expected to be the mainstay of domestic market IT consumption. Cost concerns are leading to significant consolidation of IT infrastructure in the corporates with virtualisation gaining acceptance. The SMEs have started showing keen interest towards outsourcing and SaaS. Lastly, with 3G and Wi-Max networks expected to be rolled out soon, significant opportunity will arise for diverse applications and services.” The bi-annual MAIT Industry Performance Review - ITOPs, conducted by India’s market research firm IMRB International is a survey of the IT hardware sector’s efforts to manage the business environment, gauge the market potential and consumer trends.

www.egovonline.net

SIGN OFF

5 Common Mistakes

Wondering if you’ve adequately protected your network can cause sleepless nights. In the rush of your workday, what could you have missed? Sleep better by avoiding these common mistakes. 1. Being too generous with wireless network access: Guests expect wireless access, and you can make it secure with the right policy. 2. Expecting superhero performance from a familiar duo: It’s fantasy that just a network firewall and anti-virus software can do it all. The reality is that you need a ‘defense-in-depth’ approach so that if a threat gets through one layer, it can be stopped at others. Use an integrated security appliance instead of separate products. You’ll get better protection, and spare yourself having to learn multiple interfaces. 3. Letting employees connect too freely from home or the road: Employees who connect from home or public hotspots can have

their transmissions intercepted or leave behind information that can be used to break into the company network. Secure sessions with non-company-owned PCs by setting up Secure Sockets Layer

(SSL) VPNs, which encrypt session data without requiring preloaded client software. 4. Using leaky pipes to connect other sites and partners: It’s easy to use

the Internet to link remote offices to your central network. But how can you secure the connections? Spare yourself the time to manually set up VPN connections between a new office and all the others. Be alerted to suspicious network activity by using an intrusion prevention system. 5. Being lured off course by a siren song: Just about everyone has opinions on security, including Uncle Sam and the blogger down the street. For advice based on businesses like yours, discuss your needs with a certified technology partner who has security expertise and experience serving small businesses. Such a partner can provide solutions appropriate for your environment, ideas for minimizing costs, assistance with security policies, and other technical support and services you may need.. Sandeep Budki sandeep@egovonline.net

FLIP SIDE by Santulan Chaubey

I do not know what happened!!!! After getting orders to work online, He drewn a line and shifted his desk on it….

March 2009

ASK SAP

Public Safety & Security As Vice President of the Public Services group for SAP’s Asia Pacific Division, Adaire Fox-Martin oversees the strategic direction and activities in the area of public services in the health, education and defence sectors across the region and executive relationships with customers and partners. Ms. FoxMartin is a key member of the SAP leadership team and plays a lead role in delivering SAP’s offering to public sector customers. A respected thought leader, Ms. Fox-Martin continues to be invited at seminars and conferences by the media and analysts to address public services issues ranging from e-Government transformation and reengineering of Government processes to public service policies. She is regularly featured and quoted in numerous publications throughout Asia and Australia. Ms. Fox-Martin has over 20 years of experience in the field of information technology and management. Effective e-Governance can take information technology (IT) to the common man, while helping Governments to regulate their services in line with the changing needs of both citizens and stakeholders, as well as develop the economy. An IT-driven e-Governance system involves the creation, storage, analysis, dissemination and use of information. Recognizing the growing importance of e-Governance and the use of Information and Communication Technologies (ICTs) in public administration today, we bring you a much needed, regular, interactive platform, where your questions on a pre-deﬁned theme can be answered by Adaire Fox-Martin, Vice President, Public Services, SAP Asia Paciﬁc and Japan. This unique column provides a forum for advocacy, exchange of information, viewpoints and enables a discussion on current concerns and issues in the area. SAP is the leading provider of enterprise business solutions to Governments worldwide, with more than 1,500 customers in over 70 countries. In this issue, we focus on a few questions around “Public Safety and Security” in the backdrop of terror attacks, which have increasingly become a major area of concern since the latter half of 2008. We believe that integrated ICT can be the most potent retaliation to such attacks and acts of terror, while maintaining and enhancing public security.

What does Terrorism have to do with ICT and e-Governance? Does ICT have any role to play in preventing Terrorism and the resulting loss of lives and property? It was very evident in the 26/11 attacks in Mumbai that the perpetrators of the attack used technology to the fullest for being connected and to execute their plan in a slick manner. This has been the case in most such Terrorism attacks. Obviously, the way to counter this is to decode this communication, as well as be one up on the use of ICT. ICT has a major role to play in gathering intelligence, consolidating it, analyzing it and using it in a systematic fashion for both preventive actions and emergency response against acts of terror that disrupt public safety and cause large scale damages to property. What kind of IT solutions can be deployed to help the various security agencies in the country to prevent and respond to Terrorism? The Government of India has taken various steps since 26/11 and it is now critical that we take a systematic approach to leverage IT in the war against terror. It is important that the various intelligence, security and law enforcement agencies be brought on to a common IT platform in order to ensure seamless sharing of information. Perhaps, a secure but consolidated national intelligence database could be the mechanism with complete capability to manage unstructured and varied kinds of data/information such as text, e-mails, photos, maps, SMS, Voices etc. The Government should

also build a flexible and collaborative emergency response system to respond rapidly and prevent disasters or mitigate the losses from disasters and acts of terror. There are three primary ways in which the Government can leverage ICT – intelligence analysis and sharing, emergency preparedness and response, and investigation management. Is there any international experience on using IT for public safety? Are they relevant for India? Over the last few years and particularly post-9/11, the US Department of Homeland Security (DHS) has spent nearly USD 3.75 bn in 2004 and more than USD 11 bn in 2005 on ICT and related projects. Also, institutional mechanisms have been created for handling and using ICT. Similarly, the Federal Emergency Management Agency (FEMA) in the U.S. leverages IT significantly for their national emergency MIS. Police organizations across the globe use IT in a big way to pattern crime behaviors, track crime records, and enable efficient and smart emergency resource planning. These are just a few examples. There is no reason why India should not leverage some of these examples to create their own ICT infrastructure for the war against terror. India is a large country both in size and numbers and it is more than imperative to leverage IT, perhaps more that several other countries. Also, India currently seems to be in the “eye of the Terrorism storm” and it would be critical for the country to implement well-considered but quick, nimble, efficient, bestpractices, and scalable and integrated ICT systems that have already proven themselves globally.

Next Month’s Topic: “ICT for Effective Social Services”. Please mail back your queries on this topic at info@egovonline.net

50 }

www.egovonline.net

Goldfsh have a memory span of 3 seconds. They can’t even see the past, much less the future. But you can. With proven business intelligence and analytic software from SAS. For more information visit www.sas.com/goldfsh or write to us at jaydeep.deshpande@sas.com

SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. © 2007 SAS Institute Inc. All rights reserved. 443608US.0507

RNI NO. - UPENG/2008/25234 UP/GBD - 71/2009 - 2011