Security certificate must for all websites


Following recurring incidents of government websites being hacked, a security certificate has been made compulsory for all the new websites being created and for strengthening the existing ones. Nearly 200 websites of the Kerala State Government were hacked several times.

The latest was reported from the Kerala State Electricity Board (KSEB), which was hacked from Ukraine. The Computer Emergency Response Team-Kerala (CERT-K) has been entrusted with the task of security audit of the government websites. In the background of e-district and m-governance programme being implemented in the state, several important services available to the citizens will be affected. CERT-K director Jayasankar Prasad said that all the websites created by the Kerala IT Mission insists on having security certificate.

Thirteen agencies have been selected to conduct the security check of websites and to issue certificates. However, a proposal for a large scale security check is yet to be formulated. “CERTK is regularly monitoring the websites and strengthening them with available resources,” he said. The security certificates given by the agencies are now preventing  hacking to a certain extend. Precaution can be taken when vulnerability is detected


in any of the sites. As part of implementing the e-governance project, several new programmes are being uploaded in the websites of various departments. These sites are linked with services of different departments to provide service to citizens, which are in danger of being hacked.

According to Jayasankar Prasad, all government departments have been instructed to ensure the security

audit with the help of agencies entrusted with providing the certificates. The website of each department

was hosted according to the needs of that department and there was no standardisation for it. The websites in Kerala are being developed by the State Data Centre, National Informatics Centre and agencies outside the country. Now these agencies too have to follow the security guidelines to ensure the threat is minimal. As per the Crisis Management Plan prepared by the Union Government, to counter cyber attacks, the states have beenasked to chalk out their own plans to face the threat.

No comments: