Government Technology Forum of Governance Now provides forum for bureaucracy-industry dialogue
Laptops are the new desktops. More and more people – including those in government departments – prefer the compact device that gives them flexibility to work from office as well as home (and while moving between the two). But with increased ease comes the concerns of reliability and data security.
It was in this context that Rajiv Srivastava, vice president and general manager, PSG, HP India, said, “The next generation of computing will focus on mobility, security and reliability.” He was addressing the Government Technology Forum organised by Governance Now on Wednesday evening. The event was supported by HP and Intel.
Srivastava traced the mobility trend from the early 1990s to now, and said making information available on the move was always a priority for HP. “When the price of a laptop used to be Rs 1.30 lakh, HP took the bold step to price it towards Rs 60,000.”
As for the future of this trend, he said, “We are very concerned that this confluence of mobility, security and reliability becomes a reality.”
Aditya Arya on cyber security
Securing data against the cyber attacks is the real challenge before us, according to Delhi Police special commissioner Aditya Arya, who was the chief guest of the event. Speaking from his long experience, he said cyber crimes are not only growing in number, they are also becoming more sophisticated.
“To counter cyber attacks we need a strategy and backup solutions are the most important part of that. Technical solutions are the other part,” he said. Touching on the global nature of cyber crimes, Arya pointed out that India has a strong IT Act but there are other countries which do not have such strong laws and criminals take advantage of that – most of the cyber attacks originate from such countries.
He also called for capacity building. “We need to have cyber police stations, cyber labs and cyber courts to deal effectively with such crimes.”
Panel discussion
The highlight of the evening was a panel discussion on ‘mobility, reliability and security’. Participants were Madan Mohan Oberoi, DIG, CBI, Alok Vijayant, director, IDG, NTRO, Tejpal Singh, DDG, UIDAI and Sandeep Ahlawat, principal consultant, SeMT, Delhi.
Thampy Koshy
The moderator was Thampy Koshy, executive director, Ernst and Young. He opened the discussion asking why there was sudden concern about information security. After all, information was always crucial. But in the digital era, it is integrated and it always stays there, and hence the alert.
Quoting an armed forces officer, he said we would soon need a fourth wing apart from the army, navy and air force – a digital wing for digital warfare.
Here is a gist of their discussions:
Madan Mohan Oberoi
* To deal with cyber criminals, we will have to revamp our political and judicial structures.
* Cyber crime is global. When you seek help from other countries, they may react differently to different crimes. Terrorism or child pornography may elicit a quick response from the US or other countries where the server is located. But in our multicultural society, there might be a situation when some web content can cause riots here and yet the server-hosting country may not help us immediately.
Alok Vijayant
* The shift towards mobility has mainly been due to user requirement.
*The shift in security has been towards the CIA triad (confidentiality, integrity and availablilty).
*Hackers aren't interested in bringing down a firewall, their genius lies in devising ways to subvert it cloaked as something authorised and acceptable. They challenge the old paradigm, the noral and the traditional. The hacker community is of one people who may not be very technology-enabled but have a sharp sense of perception.
*Motives differ from hacker to hacker. While there is a profit motive for some (trading information), some look at creating 'bots' or storage systems where they park a lot of the data they have hacked into. Then there are others looking for proxies - both networks and computers - to hack into other systems. Based on their requirements, the kinds of systems that they hack into are broadly divided into three categories:
Information system
Resource system
Agent or mercenary system
*Sometimes, security takes a backseat to the continuity of business, with a lot of the users not being entirely security conscious.
*From your mailbox to your system, unprotected usage leaves everything at the disposal of hackers, spyware and malware.
*Security solutions should be designed keeping the hacker in mind - the solution provider must think like a hacker because the hacker is busy reading the security solution designer's mind.
Tejpal Singh
* Mobility has become affordable but has also posed challenges before us. Breach of security is one such threat.
* In an organiastion, the challenge is in identifying what actually needs to be secured. One cannot go on securing everything and randomly. All of us use cell phones today. But we do not know how safe our conversation is.
* End-to-end security is a must. And through UID, the attempt is to build security in every layer.
Sandeep Ahlawat
*Whatever data we are keeping, 80 percent of it doesn't have any business intelligence.
*We are tightening our security control by including digital signatures, online mechanisms and making them biometric compliance. But that minimises expense also.
*Things should be simple, easy to integrate and implement on system.
Raghu Raman on ‘grand plan for national security’
Guest of honour Captain Raghu Raman, head of the National Intelligence Grid, delivered the valedictory address that was as informative as entertaining. He started off with a small clarification on what his nascent organisation is expected to do. “NatGrid is like a library catalogue: books will remain in respective libraries, but we can tell you where to find them. We are not going to collect data.”
Asked to speak on ‘the grand plan for national security’, especially information security, he again resorted to a simile. “Think of it like a national health plan. So the government has its goals and so on. But the head of the family still has to take care of the child’s health. So, the companies and others will have to take care of information” even as the government prepares a plan for it at the national level.
Information security, he argued, is sometimes overhyped. “In our country, the problem is information flow. When that flow is increasing, like the increase in traffic on the roads, there will be accidents. You can’t achieve absolute something in information security.”
Extending his contrarian argument, he said it is important to that the “speed of trust formation” should be increasing but organizations are so focused on info security that the speed of trust building is blocked.
On the much debated issue of privacy, especially in the context of the UID, Capt Raman ridiculed the activists for taking an absolutist position. “Privacy is India is different. Our letters are read by the whole family. Our names reveal so much about our identity.” But when the government is collecting the data, some people are extremely concerned about privacy.
According to him, there are two Indias: “Ideologically we have the best IT Act and so on, but the implementation moves on a different plane altogether, legging a generation behind.”
