News
Xenius complies with all MOP guidelines
Source: https://www.xenius.in/xenius-complies-with-all-mop-guidelines/
Despite their critical importance to the Government, the operations of many organisations in the power sector are not always totally safe. In order to ensure their safety, the Ministry has Power has formulated multiple guidelines. If adhered to strictly, these can safeguard web application servers of the power companies from getting hacked. Radius Synergies has taken care to ensure that its Xenius system meets all these guidelines.
- The Ministry of Power has set in place various guidelines for the power sector utilities in order to safeguard their web application servers from hackers.
- Any remote access traffic such as Remote Desk Protocol (RDP) and Secure Shell Protocol (SSH) must be tunnelled and encrypted.
- Every application, service and web application running must be analysed and given least privileges to safeguard the servers.
- All the server log files, WAF logs and Security event logs must be thoroughly analysed to detect and stop suspicious behaviour on the server and network.
Among the largest in the world, the power sector in the country is highly critical for the Government. Unfortunately, however, the web application servers used by many power sector organisations are not always 100 per cent safe. These are prone to hacking that can result in hurting the country’s economy, besides creating restlessness among citizens. Keeping these key factors in mind, the Ministry of Power has set in place various guidelines for the power sector utilities in order to safeguard their web application servers from hackers. Radius Synergies International takes pride in the fact that its Xenius system meets all the compliances required by the MOP. Some of these guidelines have been discussed below:
- Isolation of Networks: Physical isolation of Operational Technology (OT) and Information Technology (IT) networks is required by all SLDCs and power corporations.
- Switch Off unnecessary functionality: Any feature or functionality that is not used by the web application must be uninstalled or switched off.
- Limit and Secure Remote Access: Access to the web server locally must be given to a very few administrators. Any remote access traffic such as Remote Desk Protocol (RDP) and Secure Shell Protocol (SSH) must be tunnelled and encrypted.
- Use accounts with limited Privileges: The privileges assigned to database account must be minimised. Access rights like DBA or Admin should not be provided to application accounts. It is safer for an administrator to have different accounts for different tasks.
- Permissions and Privileges: Every application, service and web application running must be analysed and given least privileges to safeguard the servers. Servers must be properly configured to prevent unauthorised access and directory listing.
- Segregate Development, Testing and Live Environments: All the development and testing is done in a staging environment. Once the development and testing is done, the administrator must apply changes to the live environment and also make sure that these changes to the web application should not pose any security risks.
- Install Security Patches: All the security patches should have the latest versions of that particular software.
- Enable and Monitor Logs: Properly configured Web Application Firewall (WAF) should be deployed. All the server log files, WAF logs and Security event logs must be thoroughly analysed to detect and stop suspicious behaviour on the server and network.
- Backup: The website data must be properly backed up and secured using an encrypted medium.
- Audit: The web application and its IT infrastructure must go through regular security auditing and Vulnerability Assessment and Penetration Testing (VAPT) must be carried out by an authorized auditing agency.
-
Interviews1 week ago
High Rental Yield, Price Appreciation, Stable Growth, Make Sydney an Ideal Realty Investment Option: Haansal Estate
-
News3 days ago
Tenant Experience Platform, Aeria, Raises $1.8 m Pre-Seed Round Led by Kalaari and Foundamental Along With Others
-
News4 weeks ago
Transindia Real Estate To Sell Jhajjar Logistics Park, ₹ 636.71 cr+ Ent. Value
-
News2 days ago
AIPL’s Business Club Secures Rs 100/sq ft Rental on Golf Course Extn Road, Gurugram
-
News17 hours ago
GOCL Corporation monetises 264.50 acres of land asset in Kukatpally for Rs 3402 cr
-
News17 hours ago
Sacred Cities See a Retail Boom as Spiritual Tourism Surge: CBRE Report
-
News1 day ago
Kanodia Group Enters Real Estate; Targets Over Rs 5000 Cr Investment By 2028
-
News3 days ago
Managed Workspace Provider Table Space Appoints Jamshed Taraporwala to head BD