Governments across states are reinventing themselves on the backdrop of digital technologies. They are automating citizen centric services and making them available on different channels at the front-end (physical centers, web and mobile). They’re embedding individual digital identities to provide the beneficiaries convenience and ease in availing government services.
In fact, various departments like police, agriculture, public distribution, road transport, etc. are creating internal capacities to serve citizens through a common platform. This is an evolving phenomenon where continual improvement is the name of the game.
With the baseline work in terms of data deduplication, digital identity, linking of bank accounts and digitization of artefacts like ration cards being done, digital for governance is at a very crucial juncture. As the govt. continues taking such digital leaps forward, it’s essential to ensure the security of its various initiatives with the right technology. An unsecured environment can de-rail all plans.
CMR interacted with Nikunj Thakkar, Country Lead-Solution Consulting, Managed Content Services, HP Inc. to understand the essential steps that the Indian govt. should take to ensure a safe and secure digital environment.
What aspects of security are becoming critical in govt. departments?
Nikunj: The next ‘mantra’ for security is to go beyond the obvious targets. Security shouldn’t be looked at merely from point products or tech perspective, but it should be looked at from the point of view of governance risk.
Risk assessment should be built into the governance culture and be driven from top-down. Only then can required levels of structural resources and mechanisms be invested at par by the govt.
How can such security risks be addressed?
Nikunj: Risk Culture has to have 3 key metrics to secure continuum for Govt. Systems i.e. Accountability, Responsibility and Empowerment (ERA). Right from top line of authority to bottom line of worker should have cascading ERA to call out risk assessment, identification and mitigation to entity closest to the event. Especially for IT Risks, since IT infrastructure and endpoints are the backbone of NeGP.
How can the industry play a role in partnering with the govt. to create secure digital environments?
Nikunj: HP is leading the stack with Endpoint Risk Advisory Services, self-healing endpoints, cyber security preventive tools to automate regular risk assessments, remediation and forensics. With global accolades with exposure, HP proves to be a cyber combat to protect Govt. Systems in India too.
Can you please cite some examples of how this can be done?
Nikunj: HP did a joint exercise between Immigration Department and New Delhi Municipal Corporation and discovered 60 fake birth certificates at the root of 600 suspect’s passports that were issued. HP Inc. implemented a solution that added multiple layers of content security while printing those birth certificates.
Similarly, there are so many other documents that can be faked, like land passbooks, farmer I-cards for DBT schemes, etc.
Protection therefore has to be extended at all levels.