Security is an integral part of the overall GSTN design: Anand Pande, Senior Vice President (CISO), GSTN
“Apart from the business objective, the security and privacy of tax payers data are of utmost importance to GSTN. Hence, the security is an integral part of the overall GSTN design,” says Anand Pande, Senior Vice President (CISO), GSTN in an interview with Mohd Ujaley.
What are the unique features of GSTN system?
The whole GSTN is based on the few key principals. Apart from the business objective, the security and privacy of tax payers data are of utmost importance. The security is an integral part of the overall GSTN design. Because GSTN system is handling critical data of the tax payers. They principal of GSTN system is that we are providing a platform to the stakeholders to interact with the system and perform tax related activities. The IT backbone is based on open API architecture and Ministry of Electronics and Information Technology (MetY) guidelines.
The core GSTN system ensures vendor neutrality, means that it has been designed on open source platform to make it scalable, available and reliable. One of the key differentiators feature of the GSTN IT backbone is reconstruction of the truth. At given point of time, any data that a tax payer is submitting, we will be able to generate the same data with same details at any given point of time.
How security has been embedded in GSTN system?
On security front, we perceived that cyber attack is a key threat along with there is risk from insider and external too. So, to mitigate these threats, some risk mitigating principal and controls are designed and implemented in the system. For example, core GSTN system is not expose to Internet directly. Any interaction to GSTN system – to and from – happens through API and information in between is fully encrypted.
The overall system is a layered architecture. Right from the perimeters to the core, multiple tools and technologies are deployed to ensure security, not only of the data but the overall system as weel. Any access to GSTN system is a roll based access because GST application will be used not only by the tax payers but will be utilized by the tax officials, state governments and their different organizations. The overall ccess to anything is roll based access on need to know basis. For example, If I am from particular zone in Maharashtra, I will only have access to tax payers data from that zone, not of other zones, that ensure security and privacy of data.
In addition to make the security robust, we have real time monitoring of the any information that is going out and coming into entire GSTN ecosystem. And, the system itself is subjected to multiple reviews and periodic audits.
You said that GSTN ecosystem is based on the open source architecture, so how do you ensure security of the systems itself?
Yes, as I said that the core GSTN ecosystem is based on the open source architecture, therefore, it is important that any tools and technology that we use for software development should not pose any threat or risk to the system. So, all the packages which are selected goes through checking for security malware, compliance and risk among others.
After doing this, we have we have created, a repository of software. Only from that repository, tools are utilized. It is not that any tool that can be downloaded from Internet and can be utilized. It means, we have control even on the selection of the tools and periodically, we keep on reviewing the repository.
On application front, entire development happens in alignment with the secure software development life cycle (SDLC). Our partner are cmmi certified, it means we follow all the best practices which is available for software development.
The data centers are critical part of any IT architecture. At GSTN, can you tell us how data centers are managed and secured?
The entire GST application is hosted out of two main data centres supported by two near data centers which function as disaster recovery centers. One of the center is in Delhi and other one is in Bangalore. The overall architecture of the data center is designed for no data loss. In typical arrangement, there will be one data centers and a disaster recovery (DR) centers at some different place. We don’t have separate DR. Our both data centers are functionally active and active. It means, any data which would be return, it would be return in any given point of time in three locations. So, if any data centers goes down, we will have at least three copies available of that data just to ensure zero data loss. All our data centers are tier III data centers and they are highly secured right from physical security to the core. Area where the GST system is hosted. It is a caged area. It is monitor via CCTV. It has got access control implemented which is a combination of biometric and face recognition. It is continuously manned. Fire detection and other environmental security are well implemented. This is on the physical and environmental side.
When it comes to IT infrastructure of the data center, the overall architecture is hosted in a dedicated area in four data centers – two bigger and two smaller data centers. All the system and software and data are secure based on the industry standards and government guidelines.
What standards do you follow at GSTN?
The entire GSTN center is certified against three standards – ISO 27001 which is for physical security, ISO 20001 for IT service and ISO 22301, which is for business continuity. So these three certification have to be there from the day we go live on any services. Internally, also entire network is segmented into various zones via VLANS and the resiliency is there at the device and link level. It has been designed in such a way. So that there is continuous of availability.
Apart from traditional firewall, we have deployed plethora of security tools and next gen devices. We have separate sand boxing tools, Anti-APT, anti-malware and Intrusion Prevention System in place. On Internet side, we have deployed Arbor solutions for DDoS protection. This is in addition to the protection that we are getting from ISPs.
Even for data base security, apart from roll base access, the entire data base is studded or stored in various studs so at any given point of time, even if you think hypothetically if system gets compromised , the hacker will not get access to entire data and whatever data they get they will get in encrypted format, with no use to them.
For example if you have a particular data base which you are studding and storing at various location, only the system knows that which data is where and how to reconstruct the data in a meaningful way. This is what we do to ensure data security. In addition to real time monitoring, we have deployed DAM tool which is a database activity monitor tool. So, overall security is very robust with GSTN system.
