Tax body issues guidelines for securing websites, procuring IT services – Moneycontrol

My Account
Follow us on:
Powered By Finity
Discover 5000+ schemes. Track your portfolio 24X7
Invest Now
MC30 is a curated basket of 30 investment-worthy
mutual Fund (MF) schemes.
Invest Now
Powered By Wazirx
The new age digital currency to diversify a portfolio.
Invest Now
Visit this section to access live price and charts.
Invest Now
Learn and stay informed about cryptocurrency in India.
Learn More
Powered By
Learn, discover & invest in smallcases across different types to build your long term portfolio.
Invest Now
Explore from India`s leading investment managers and advisors curating their strategies as smallcases.
Invest Now
Powered By stockal
Diversify your portfolio by investing in Global brands.
Invest Now
Pre-configured baskets of stocks & ETFs that you can invest
in with a single click. Developed by hedge funds, global
asset management companies, experienced wealth
management firms and portfolio managers.
Invest Now
Gamechangers
AMBAREESH BALIGA
Fundamental, Stock Ideas, Multibaggers & Insights
Subscribe
CK NARAYAN
Stock & Index F&O Trading Calls & Market Analysis
Subscribe
SUDARSHAN SUKHANI
Technical Call, Trading Calls & Insights
Subscribe
T GNANASEKAR
Commodity Trading Calls & Market Analysis
Subscribe
MECKLAI FINANCIALS
Currency Derivatives Trading Calls & Insights
Subscribe
SHUBHAM AGARWAL
Options Trading Advice and Market Analysis
Subscribe
MARKET SMITH INDIA
Model portfolios, Investment Ideas, Guru Screens and Much More
Subscribe
TraderSmith
Proprietary system driven Rule Based Trading calls
Subscribe
Moneycontrol  PRO
Moneycontrol  PRO
Curated markets data, exclusive trading recommendations, Independent equity analysis & actionable investment ideas
Subscribe
Curated markets data, exclusive trading recommendations, Independent equity analysis & actionable investment ideas
Explore
STOCK REPORTS BY THOMSON REUTERS
Details stock report and investment recommendation
Subscribe
POWER YOUR TRADE
Technical and Commodity Calls
Subscribe
INVESTMENT WATCH
Set price, volume and news alerts
Subscribe
Days after several websites were hacked by foreign “hacktivists” to protest comments made against Prophet Mohammad, a government body responsible for financial regulations has come out with a list of cybersecurity norms to wall up against such attacks.
In an internal advisory, the Central Board of Indirect Taxes and Customs (CBIC) has asked the principal chief commissioner of customs, central tax and customs and others to host websites of all zones on National Informatics Centre’s Data Centre or on cloud infrastructure provided by Ministry of Electronics and Information Technology-empanelled service providers.
The advisory dated June 13 also said the design of websites should be along the guidelines drawn by NIC for Indian Government Websites (GIGW).
“Website and data security is of paramount concern in the present times in view of increasing security threats. Hackers continuously attempt to explore security vulnerabilities available in the websites and deface government websites,” the advisory, reviewed by Moneycontrol, said.
“Therefore it is important that vendors developing and maintaining the website/applications must put preventive measures in place for website security and use of SSL certificate, which should remain valid at all times.”
The CBIC deals with formulation of policy concerning levy and collection of customs, central excise duties, Central Goods & Services Tax and IGST, prevention of smuggling and administration of matters relating to customs, central excise, Central Goods & Services Tax, IGST and narcotics to the.
On June 10, Indian government websites including those of the Indian Embassy in Israel, National Institute of Agricultural Extension Management and others were hacked following a call given by Malaysia-based hacktivist group DragonForceIO .
Corporate VPNs of a few companies were also breached. Hackers from other countries, too, joined in, a report by cybersecurity company Cloudsek said.
For procurement
The advisory was issued by the Directorate General of Systems and Data Management (DGS) which is responsible for CBIC’s IT initiatives.
It said the IT infrastructure of CBIC was classified as Critical Information Infrastructure by the National Critical Information Infrastructure Protection Center (NCIIPC) under the Cabinet Secretariat.
The CBIC admitted that data exchange with multiple private stakeholders was inevitable due to the open architecture of the logistics and supply chain industry. “In view of the above it is necessary to lay down guidelines on procurement and use of IT-enabled services so as to ensure quality and data security,” it read.
A directorate or any wing of the CBIC can go for procurement of an IT service if it is not provided by the DGS. In such a situation, the Manual for Procurement of Consultancy Services, 2017, should be followed.
One of the guidelines says that the request for proposal (RFP) of a tender must specify that the vendor will be responsible for getting a security audit done by a vendor empanelled by the Indian Computer Emergency Response Team.
Quality
The DGS said the selected vendor must meet the ISO 9000/9001 certification required for denoting quality.
“It provides a set of generic requirements relating to the processes of development and production and how they will be managed, reviewed and improved in order to achieve customer satisfaction,” it said.
Copyright © e-Eighteen.com Ltd. All rights reserved. Reproduction of news articles, photos, videos or any other content in whole or in part in any form or medium without express writtern permission of moneycontrol.com is prohibited.
Copyright © e-Eighteen.com Ltd All rights resderved. Reproduction of news articles, photos, videos or any other content in whole or in part in any form or medium without express writtern permission of moneycontrol.com is prohibited.

source

Posted in Blog
Write a comment
Contact Us
Phone
WhatsApp
WhatsApp
Phone
Contact Us