- 1.1 Contingency Plan in the event of defacement.
A.1.1 Defacement Protection Policy:
- The Directorate of Fire & Emergency Services website is security audited for application vulnerabilities and performance.
- Any application-level modification on the Directorate of Fire & Emergency Services website implies re-audit of the website.
- All the servers’ configuration and logs are monitored timely.
- Only system administrator users are allowed to access the servers for doing administration and configuration tasks.
- All servers are in lock and net secured.
- Contents are updated through secured FTP.
A.1.2 Monitoring of defacement of the Directorate of Fire & Emergency Services website:
There are two ways of monitoring the defacement of the Directorate of Fire & Emergency Services website.
- The cyber security division is continuously monitoring by analyzing the log files. The Central help desk at NIC (HQ) data Centre is also monitoring the websites at regular intervals for possible defacement or undesirable changes in the Directorate of Fire & Emergency Services website.
- The Development team also monitors the website regularly. In case of any eventuality, whoever notices it first shall inform the Technical Manager and Web Information Manager by Phone as well as through email.
A.1.3 Actions to be taken after defacement:
As soon as the Technical Manager and/or Web Information Manager receive the information regarding the defacement of the website, the following steps will be taken:
- Stoppage/partial stoppage of the website according to the degree of defacement.
- Analysing log files and troubleshooting the source of defacement and blocking of the service.
- Analysing the type of defacement and fixing it.
- In case of complete loss of data, restoring the website data from the backup.
- Giving log files to the security division for analysis.
- Fixing of all vulnerabilities based on security recommendations and re-auditing of applications.
- Restoring the affected /corrupted contents from the backup and restoring the site.
A.1.4 Contact Details in Case of Any Eventuality of Defacement:
Designation | Organisation | Email Address | Telephone/Mobile No. | Office Address |
---|---|---|---|---|
Station Fire Officer | DFES, Goa | cnt-fire.goa[at]nic[dot]in | 0832225500 | Opp. Caculo Mall, St. Inez, Panaji, Goa |
Web Developer | Technotrix, Goa | alansaviolobo[at]gmail[dot]com | 9822161049 | Office 2, Lobo Arcade, Aldona, Goa |
A.1.5 Time for Restoration of the Directorate of Fire & Emergency Services website after defacement.
The time taken for restoration of the Directorate of Fire & Emergency Services website depends on the degree of defacement and services affected by the defacement.