NHPC Limited is an Indian hydropower generation company that began its operations as a public limited organisation in the year 1986. It is considered as a Mini-Ratna Category-I Enterprise of the Government of India, and is one of the largest organisations for hydropower development in India. NHPC has also been able to diversify its operations in the fields of solar and wind power.
At Express Computer’s, Government Data Center & Infrastructure Summit, we had an opportunity to speak to Dr Prashant Atrey, Group GM (Civil) – HOD – IT&C, NHPC Ltd on important topics related to data centers, IT infrastructure and security.
Edited excerpts :
Can you share with us how the IT infrastructure has evolved for such a large organisation like NHPC ?
NHPC is the largest hydro power organisation of the country, and has been involved in delivering clean and green energy. Our main objective for our IT division had been to act as a pillar of the organisation. And, we started this journey in the year 1987 with the purchase of VAX /VMS mainframe computers and have witnessed numerous changes in the environment ever since. However, as time moved on we had to shut down those systems due to the unavailability of source and focus more on the networking part; so gradually we went ahead and adopted the Enterprise Resource Planning (ERP) solutions. And as far as the data centers are concerned, when we had the mainframe computers it was just like a data center for us with around 20 terminals and some even extending across the buildings. Back then we built our own computer centers, and much later, by 2006/2007 we switched on to ERP solutions. We purchased the hardware and started off by using the data center services of National Internet Exchange of India (NIXI) and BSNL, and set up our servers there.
What are the recent IT initiatives taken by your organisation?
Recently in 2020, we made a state- of -the-art technology data center at our corporate office in Faridabad which consists of numerous features to handle high volume computing needs for our non ERP applications, crucial applications and legacy systems. This was largely developed by the in-house team as it was necessary to keep the privacy of our organization’s data to keep it free from the access of any outside agency. Also, lately we planned for a new IT roadmap to be rolled out in the near future and we will be implementing new-age ERP in our organization, which is going to be in a tender stage and embedded with in-built AI, ML, and advanced analytics. Till this time we were hybrid, but now we will be going a step ahead with SaaS based ERP solution, which will have 99.97 percent availability on the cloud. We are going to have a service level agreement (SLA) and are open to any vendor who can provide the same. Moreover, in the public sector, manpower resources are considerably going down, so we have to make an effort to outsource whatever we can as an organization. We are going forward with our decision to go for a bid.
From a security point of a view, what are some of the measures that you have taken?
For all the infrastructure companies in the government, we have to follow the CERT-In guidelines. And in the power sector also we are doing the same. First of all, if one follows, vulnerabilities can be minimized. And formation of information security group is something that we have done in our organization, followed by different cyber security nodal groups at our power stations. We have got a well defined cyber crisis management plan that addresses each and every type of attack. Also, as per the CERT-In guidelines we have to onboard all our public IP’s on the Cyber Swachhta Kendra.
Last but not the least, I would like to point out that taking care of cybersecurity is a very costly affair. Cost is increasing day by day; whether you talk about importing the right security patches from abroad, vendor charges, latest security features and also, the data center costs are constantly rising.