The IT Division of NHSRC has undertaken comprehensive initiatives to safeguard our digital infrastructure against evolving cyber threats. Leveraging cutting-edge technologies and best practices, we have established a multi-layered cybersecurity framework aimed at protecting our systems and data from unauthorized access, data breaches, and malicious activities.
Key Cybersecurity Measures Implemented by NHSRC’s IT Division:
- SSL(Secure Socket Layer)Certificate: SSL certificates encrypt the data transmitted between a user's browser and the website server. By implementing SSL certifications, we ensure that all data exchanged between the website visitors and the server remains secure and protected from eavesdropping or tampering by malicious actors.
- Web Application Firewall: WAF is a powerful shield for web applications, offering curated managed rules and customizable settings to guard against threats like SQL injection and DDoS attacks, ensuring web application protection in the ever-evolving digital landscape. The firewalls used by NHSRC, monitor and filter traffic, allowing only authorized and safe data to pass through. This prevents unauthorized access and protects the internal network from various cyber threats.
- • Endpoint Security Solutions: Robust antivirus solutions are deployed with support of the best technologies to scan files and network traffic for malware, ensuring that the website and associated systems are protected from viruses, ransomware, and other malicious programs. We plan to implement DLP (Data Loss Prevention) and XDR (Extended Detection and Response) solutions to enhance cybersecurity. DLP ensures sensitive data is protected, preventing unauthorized access or leaks. XDR offers advanced threat detection and response capabilities, ensuring swift action against cyber threats. These initiatives reinforce our commitment to data security and proactive threat mitigation.
- • Protecting Personal Identifiable Information (PII): The IT Division implements stringent protocols to protect PII, ensuring that any personal information collected on the website is securely stored and processed. Encryption, access controls, and regular audits are employed to safeguard PII from unauthorized access and data breaches. For instance, the sensitive information like Adhar details required during ABHA creation, is not shared with the server, the information is masked by using unique tokens created specifically for that particular transaction, so the sensitive data remains safe and secure.
- Data Backup: Regular data backups are crucial to recovering from data loss caused by cyber incidents, hardware failures, or human errors. We perform automated and encrypted backups of website data, ensuring that in the event of data loss, information can be restored promptly without compromising the integrity of the website.
- VPN (Virtual Private Network): VPNs create a secure, encrypted connection between a user and a private network, enhancing privacy and security when accessing the internet. We use VPNs to secure remote connections to internal systems, ensuring that data transmitted between remote users and the network remains confidential and protected from interception.
NHSRC is dedicated to upholding the highest standards of cybersecurity, thereby safeguarding the confidentiality and integrity of sensitive information. As we continue to evolve and adapt to the ever-changing cybersecurity landscape, we remain committed to ensuring the security of our digital assets and maintaining the trust of our stakeholders.