Share

Top 5 Stories

News

Pakistan establishes infosec department for national database

11 September 2012

Pakistan’s National Database and Registration Authority (NADRA) has established a new information security department to combat data breach attempts and reassure the citizens of Pakistan that their data is fully secure.

NADRA already enforces information security standards and policies and employs information security-certified specialists, it said, but the new information security department will centralize all efforts. NADRA chairman Tariq Malik will head the effort up.

The primary approach to infosecurity will involve proactive means of protecting citizen data stored in the National Data Warehouse “to ensure that confidentiality, integrity and availability of data lie at the heart of the systems, policies and procedures that govern the transmission of data,” NADRA said. To that end, NADRA is monitoring for trends and behavior that may be suspicious, and has deployed new technology tools to safeguard citizens against identity theft and to protect documents against alteration and forgery.

The information security department also will perform periodic penetration testing, data center security audits, network security audits and physical security assessments. Each and every transaction in ID card processing is recorded, logged and can be traced.

When it comes to internal security, NADRA announced that it has achieved CMMI Maturity Level III from the US-based Carnegie Mellon Software Engineering Institute (SEI) , after appraisals as to project management, technology, development and quality management.

An ISO 27001-certified directorate, the NADRA network department has adopted a wide range of security procedures, including physical security, firewall, intrusion detection and prevention systems, Syslog Servers, anti-virus and anti-spam tools, and network protocol analyzer.

NADRA also recently announced that it had registered 92 million citizens with their biometrics.

This article is featured in:
Application Security  •  Biometrics  •  Compliance and Policy  •  Data Loss  •  Identity and Access Management  •  Industry News  •  Internet and Network Security  •  Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×