NPCI proceeds to invest in people, technology and process that have to safeguard the IT Infrastructure, data generated by these and the electronic identities which access these information – stays secure and procured by deploying advanced technologies for monitoring and protecting them. Maintaining privacy of information would be of utmost priority in NPCI and NPCI guarantees all clients that data processed in our conclusion is totally secured and not accessible by anyone untrue.
Together with the vision of serving each Indian with another or one Digital Payment alternative, NPCI, passionately pushes near 2.5 Billion trades on a monthly basis with its indigenously developed platforms such as RuPay, UPI, IMPS, AePS, NETC, Bharat Bill Pay etc. These programs are made indigenously with higher resiliency & security to accommodate our vision of becoming the “Best Payments Network globally”.
Powerful Corporate Governance at NPCI
NPCI faces several inspections according to the Government and regulatory compliances. Audits & Inspections of different character are conducted periodically to improve and strengthen Corporate Governance.
a number of those clinics at NPCI contain,
a) Secured software Coding techniques such as Code evaluation & application security examinations
b) Routine internal audits across Info Communication Technology (ICT) Infrastructure
c) Continuous Vulnerability Assessment and Penetration Testing followed by Regular patching
Id ) External audits of Critical Software
e) Regulatory review or audit from the ruler and Authorities Nodal agencies on regular basis
f) 3rd Party audits like compliance with PCIDSS, completed by QSA’s (Qualified Security Assessor) qualified by PCI Council to confirm adherence to PCIDSS Standards & compliance to ISO 27001, completed by qualified ISO Lead Audit companies.
gram ) Surprise cyber safety drills by third party specialists
NPCI guarantees all findings have been elaborately examined and remediated to their satisfaction of the auditors. Appropriate compensatory controls have been set up wherever required.
Lt. General Rajesh Pant, NCSC, “We conduct Special Cyber Audits as part of the nation’s effort to protect and safe guard all critical enterprises such as NPCI, UIDAI, NIC etc, thereby helping to ensure the overall National Security. NPCI has provided higher levels of access to NCSC that are not normally made available to any stakeholders during regular course of business, as an effort to strengthen its cyber defense. I wish to compliment the top leadership of NPCI and their CISO for inculcating a culture of strong Cyber Security Governance with a robust infrastructure which meets global security standards.”
Powerful Cyber Security Practice & Data Security
NPCI ardently thinks that Cyber Security is of extreme significance and aims to protect its resources and community against all sorts of widespread cyber-attacks. Over the previous years NPCI has deployed numerous technologies to update its security position Implementing a multi-layered defence strategy to fight growing cyber threats.
NPCI has embraced its own Safety frame inline to the NIST Framework to comprise Protect, Detect, Respond, Predict and Recover methodology. NPCI has adopted implementation of those policies, guidelines and processes to handle risks to its information resources, therefore ensuring acceptable levels of risk.
A number of the state of the art technologies deployed at NPCI to thwart Cyber-attacks contains,
· Perimeter safety controls such as anti virus, web application firewall, micro-segmentation of system, routing controllers, guaranteed switch configurations, proxy server, Anti-Distributed Denial of Service Option, Anti – Advanced Persistent Threat etc.
· Information protection such as Information Leakage Protection, Digital Rights Management, tokenization & encryption of sensitive information components and active observation of both unstructured and structured information
· Safer & Secure joins to ecosystem players such as communicating channel encryption
· Different Detective controls such as Deceptive technologies (Decoys) are used as early signs to spot Cyber-attacks
· A committed group of highly trained professionals that have engaged in various internationally famous & acclaimed Cyber Defense program oversees the Security Operation Centre 24x7x365
· Privileged identity & access management options that further segregates the logical access and limits user to access essential processes supported by Multi variable authentication
NPCI participates with safer RED TEAM along with BREACH readiness examinations as well occasionally. With the complex security threats which our surroundings faces in present times, NPCI’s goal is to always fortify our safety layers. Along with measures we carry, we welcome and encourage specialists, including applicable government, for regular reviews and reviews to maintain our controllers sharp and greatest in class.
NPCI manages all sensitive data like card information in keeping with PCIDSS requirements. PCIDSS standards also lets clear card info under specific circumstances for allowed functions, with proper controls. We’ve been subject to routine PCIDSS audits through externals QSA’squalified by PCI council. NPCI is totally compliant with these standards. NPCI proactively has embraced global best practices in managing personal identifiable information (PII) and is among the oldest professionals in India.
Dilip Asbe, MD & CEO NPCI stated, “We think about audits as a significant governance coating to the IT systems that evolves continuously, for appropriateness and adequacy of controllers set in order to make sure that the essential systems, procedures and information under its purview stay protected and protected. As a procedure, NPCI has ensured that we now have sufficient controls across multiple degrees and Audit findings have been remediated closed and immediately to gratification of auditing entities.
In NPCI, we working with stakeholders to ensure safe, secure and convenient payment options for customers. Our goods are undergoing innovative developments on a constant basis to guarantee customer receives the best of obligations experience.”
In reaction to this a number of the current press reports, we reiterate that NPCI maintains high levels of safety criteria and an integrated strategy to secure its infrastructure, a powerful governance via proactive independent audits, also continue to offer a strong payments ecosystem.
If You’ve Got an intriguing article / expertise / case study to share, please get in contact us in [email protected]