Contingency Management Plan

I. Defacement Protection Policy

The BPR&D is security audited for application vulnerabilities and performance.

  • Any application-level modification on the BPR&D implies re-audit of the website.
  • All the servers’ configuration and logs are monitored timely.
  • Only system administrator users are allowed to access the servers for doing administration and configuration tasks.
  • All servers are in lock and net secured.
  • Contents are updated through secured File Transfer Protocol (FTP) using Virtual Private Network (VPN).

II. Monitoring of Defacement of BPR&D

  • Cyber security division is continuously monitoring by analyzing the log files. The Central help desk at NIC (HQ) Data Centre is also monitoring the websites at regular intervals for possible defacement or undesirable change in the BPR&D.
  • The Development team also monitors the website regularly. In case of any eventuality, whoever notices shall inform the Technical Manager and Web Information Manager through email / official communication.

III. Actions to be Taken After Defacement

Technical Manager and/or Web Information Manager upon receipt the information regarding the defacement of the website, the following steps will be taken:

  • Stoppage/partial stoppage of the website according to the degree of defacement.
  • Analyzing log files and troubleshooting the source of defacement and blocking of the service.
  • Analyzing type of defacement and fixing it.
  • In case of complete loss of data, restoring the website data from backup or starting of website from DR site in case of long down time.
  • Giving log files to the security division for analysis.
  • Fixing of all vulnerabilities based on security recommendations and re-auditing of applications.
  • Restoring the affected/corrupted contents from the backup and restoring the site.

Contact Details in Case of Any Eventuality of Defacement

Name Designation E-mail Address Telephone/Mobile No. Office Address
Smt. Esha Pandey I/c Director (Admin) esha-pandey@ips.gov.in +91-11-26782013 Bureau Police Research and Development (Ministry Home Affairs), Mahipalpur, New Delhi 110037

IV. Time for Restoration, After Defacement

The time taken for restoration of the BPR&D website depends on the degree of defacement and services affected by the defacement. However, BPR&D will make all efforts to restore the same as soon as possible.

V. Data Corruption

Regular back-ups of the website data are being taken at NIC Data Centre. This enables a fast recovery and uninterrupted availability of the information to the public in view of any data corruption.

VI. Hardware/Software Crash

Though such an occurrence is a rarity, still in case the server on which the website is hosting crashes due to some unforeseen reason, the web hosting service provider - NIC Data Centre has enough redundant infrastructure available to restore the website at the earliest. Generally, time required for hosting a website from another server will take about 24 hours.

VII. Natural Disasters

There could be circumstances whereby due to some natural calamity (due to reasons beyond the control of any person), the entire data center where the BPR&D website is hosted gets destroyed or ceases to exist. In such an eventuality, in-charge of NIC will instruct that the BPR&D website to be started from the Disaster Recovery site, NIC.

VIII. Disasters Recovery

Storage based replication takes place at Disaster Recovery site, NIC.

© Copyright 2024 - Content owned by Bureau of Police Research & Development, Developed, hosted, and maintained by ADG Online Solutions Pvt. Ltd.

logo.svg