"Kerala is the most progressive state in the geospatial domain"

shivangi-narayan

Shivangi Narayan | April 20, 2013




C Jayashankar Prasad, director, Kerala State IT Mission (KSITM), in conversation with Shivangi Narayan, talks about cyber security in Kerala, the ways to make it better and the ultimate dream of the state to become a digital society.

What is CERT-K and what kind of powers does it have to tackle cyber security?

 CERT-Kerala was formed in line with the Indian Computer Emergency Response Team (CERT-In) as a separate society which would have a separate large team of its own with all kinds of infrastructural facilities. But when I took over, I had an evaluation of what CERT-K could do and we found out that it did not have enforcement powers like the Hi-Tech Crime Inquiry Cell, and does not have statutory powers like CERT-In. We realised that when the organisation does not have the bite and backing then there is really no point of having that organisation. But then, is there a purpose of CERT-K? Yes, there is. Because it is very important to have a nodal agency to monitor all the government applications and that they comply with the CERT-In norms. CERT-K is that agency which is now a separate group under KSITM with a sanctioned strength of around five persons.

What kinds of efforts have been made to tackle cyber security issues in Kerala?

 We have taken two kinds of measures to tackle issues of cyber security in Kerala: proactive and reactive. Proactively, we review all web applications in the data centre, try to fix the vulnerabilities and then send out a report. We then conduct trainings based on these learnings so that future problems can be avoided. Today, there are applications which can hack on people’s behalf so no one has to be a genius to hack an application or a website. We have to thus be proactive and take care of small things so that we can avoid bigger issues. Also, we have to conduct more and more training with CERT-In for better cyber security in Kerala. Also we do not let any application be hosted in the state data centre (SDC) until it is safe to host and we are very careful about it. Unless the websites are hosted in SDC, we have no control. All government apps have to be hosted on SDC compulsorily.

 In reactive measures, too, we generate a report and provide recommendations on what can be done to prevent such attacks in future. We also send the entire log to CERT-In for analysis. They advise corrective measures, for which, we are constantly in interaction with them. 

 There are two reasons why people hack: one is for obstructing a service and the next is for showing off to their contemporaries. If a person is hacking to show off then he sure will talk about his antics on his blog. We have our people analysing and checking blogs and the moment a reference of the hacking incident comes up, we get to know it and then we pull down that site and take the corrective measures. 

What are the future plans for CERT-K? 

CERT-K plans to become a certifying empanelled agency and ensure that it can do a six-monthly audit of the websites which it certifies. We have to work hard on security because today the hacking incidents are moving from denial of information to denial of service and to finally denial of financial transactions. The biggest concern is security and it is imperative that we work hard in that domain. We need to ramp up our team and expand our scope. We will continue with our research in cyber security but I believe that one need not be loud in one’s research as it may attract future attackers. 

What are you doing to end the issues of interoperability of various applications in the state? 

Interoperability of the applications is an issue in Kerala. I am going to just focus on consolidation and integration. Under consolidation, we noticed that huge infrastructure was present all over the state (in the form of SDC and state wide area network, SWAN) but the departments were not using it because they were not getting proper mails due to absence of internet on SWAN. To fix that we have moved the entire NIC mailbox on the wide area network.

The work of the Friends centres can be done through the Akshaya centres.Even the work of the 95 Jana Seva Kendrams in every corporation can go through Akshaya. 

On a random check, we found out that only 25-30 percent of the servers were being utilised for actual work. Thus, even in infrastructure and hardware, we are promoting co-hosting rather than co-location. I even made all the village officers shift from desktops to laptops. With the desktop, the purchase estimate also includes the cost of the furniture. There is no such thing in the laptop; plus, they can carry laptops with them and work on it all the time. Some of the village officers have started working on Sundays. 

What are the issues with the integration aspect of interoperability of applications? 

 Many of the applications  in the state are running in silos and the programs are discrete. The other levels of integration are the accessibility and affordability of different applications to the common man. This is where the Akshaya system comes in and also the state service delivery gateway (SSDG). 

 At a macro level, to identify the unique beneficiaries of any scheme of the government, Aadhaar comes in for authentication of the beneficiary through biometrics. Government officials spend 50 percent of the time in making, validating, proofreading, approving and issuing certificates. Imagine a ‘certificate-less integrated society’ where data is verified in one step through Aadhaar which can be done online.

 An integrated database, which is the fourth layer of e-governance, is what we call transformative e-governance. This is when individual components of e-governance talk to the people and  simultaneously talk with each other.

Are there any steps being taken on data analysis in Kerala?

We are trying to connect the other than-mandatory data captured in Aadhaar enrolments and then we will let the state resident data hub connect to the central repository to verify the biometrics of the beneficiaries to analyse and build on existing data. Big data analytics can make your decisions much more precise so that you can take a much more conscious decision. Today we take popular decisions. A common data repository can make our work easier, but is an ideal state to achieve. However, we can work to reach somewhere near.

How is the geospatial project going in Kerala? How do you plan to take it forward?

We are using the photos taken by a GPS-enabled device for traffic alerts, drugs control, distribution of food and all other sorts of services where there are chances of a problem. The photo could be used as evidence because it will carry GPS coordinates which can identify the exact location of the incident. This photo is transferred and uploaded on the GIS platform in Kerala. 

 Kerala has been named the most progressive state in the geospatial domain. There is a geo-portal in the state which is a common repository of all the geospatial data crowd sourced from various departments. It is not just data repository but it is also used for providing services to the people. 

When is the SSDG coming up in Kerala? 

 The SSDG would be set up very soon. Thirteen departments have been selected for pilot for SSDG, 10 of them have signed the SRS. The portal is being developed and the service side is being set up. I might go ahead with these 10 departments and make it through to start the SSDG as soon as possible, maybe in a couple of months.

What is the status of the Mobile Service Delivery Gateway (MSDG) in Kerala?  

The MSDG has already been integrated with the central mobile services system. We are looking at more value-added services for mobile phones, on the lines of incident reporting so that we can use the power of the mobile for all kinds of purposes. 

 

Comments

 

Other News

Centre intensifies preparedness as El Niño threat looms

Amid uncertainty in the southwest monsoon due to the potential impact of El Niño, the government is addressing the situation with comprehensive preparedness, a clear strategy, and strong ground-level action. While challenges remain, the entire system has been activated in advance and is working proa

India is crossing a climate threshold

On June 28, Delhi recorded a maximum temperature of 41.3°C, four degrees above the seasonal normal. But the “feels like” temperature, which factors in humidity, showed more than 51°C. What the body experienced was very different from what the thermometer recorded.  India`

The Geography of India’s inflation

India today finds itself in an unusual position. At a time when geopolitical conflicts, trade fragmentation, and supply-chain disruptions are reshaping the global economy, the country`s macroeconomic fundamentals remain relatively upwards. Growth remains among the highest in the world, inflation has larg

How to listen to the great storytellers that the trees are

The Trees of My Country: A Natural History of India in 50 Trees By T. R. Shankar Raman, with illustrations by Manali Patil Aleph Book Company, 284 pages, Rs 1,499  

This tree in Bihar turns out to be the oldest accurately dated banyan

A banyan tree in Munger, Bihar, estimated to be around 700 years old, has been identified as the oldest accurately dated banyan tree, Ficus benghalensis, using radiocarbon dating, a method that relies exclusively on scientific evidence rather than historical records or local lore. Banyan

Corporate Governance 3.0: What the boardroom of 2030 will look like

The phrase "corporate governance" often evokes images of board meetings, compliance checklists, and regulatory filings. For years, governance was viewed primarily as a mechanism to prevent fraud, protect minority shareholders, and ensure regulatory compliance. However, the events of the last deca





Archives

Current Issue

Opinion

Facebook Twitter Google Plus Linkedin Subscribe Newsletter

Twitter