indian_flag भारत सरकार | Government of India

Website Policy

Copyright Policy

Material featured on Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology can be reproduced free of charge after taking proper permission by sending a mail to us. However, the material has to be reproduced accurately and not to be used in a derogatory manner or in a misleading context. Wherever the material is being published or issued to others, the source must be prominently acknowledged. However, the permission to reproduce this material shall not extend to any material which is identified as being copyright of a third party.

Authorization to reproduce such material must be obtained from the departments/ copyright holders concerned. These terms and conditions shall be governed by and construed in accordance with the Indian Laws. Any dispute arising under these terms and conditions shall be subject to the exclusive jurisdiction of the courts of India.

Hyper Linking Policy

Links to external websites/portals

At many places in this website (Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology), you shall find links to other websites/portals. The links have been placed for your convenience. Digital India is not responsible for the contents and reliability of the linked websites and does not necessarily endorse the views expressed in them. Mere presence of the link or its listing on this Portal should not be assumed as endorsement of any kind. We cannot guarantee that these links will work all the time and we have no control over availability of linked pages.

Links to Digital India -Website by other websites

We do not object to you linking directly to the information that is hosted on this site and no prior permission is required for the same. However, we would like you to inform us about any links provided to this Portal so that you can be informed of any changes or updations therein. Also, we do not permit our pages to be loaded into frames on your site. The pages belonging to this site must load into a newly opened browser window of the User.

Privacy Policy

Digital India-Website does not automatically capture any specific personal information from you, (like name, phone number or e-mail address), that allows us to identify you individually. If the Digital India-Website requests you to provide personal information, you will be informed for the particular purposes for which the information is gathered and adequate security measures will be taken to protect your personal information.

We do not sell or share any personally identifiable information volunteered on the Digital India-Website to any third party (public/private). Any information provided to this website will be protected from loss, misuse, unauthorized access or disclosure, alteration, or destruction.

We gather certain information about the User, such as Internet protocol (IP) addresses, domain name, browser type, operating system, the date and time of the visit and the pages visited. We make no attempt to link these addresses with the identity of individuals visiting our site unless an attempt to damage the site has been detected.

Content Contribution, Moderation & Approval policy (CMAP)

Content is created by the Nodal Officers designated by Group heads. The content is approved by the respective Group Heads and emailed to webmaster@digitalindia.gov.in . for publishing on the Digital India website. It is required to contribute the content through an Official email id(.gov.in/.nic.in) only to Webmaster at webmaster@digtitalindia.gov.in. To maintain uniformity and to bring in standardization along with associated metadata and keywords of this document content across the website is to be kept consistent with the ‘Guidelines for Content Categories in Digital India -Website’.

Content received by webmaster on the designated email webmaster@digitalindia.gov.in is published on the website through a web-based Content Management System within the same working day.

Once published the Nodal Officer under the Group heads are notified to verify and confirm. The responsibility of the website content however, lies with the Web Information Manager.

Content Archival Policy (CAP)

Divisions are informed by sending timely reminders to them for updating their content & putting the old content into Archive section.

Promotional banners published or deleted on the website only as per the requests from content owners (Nodal Officers and Group Heads). No banners are kept as an archive data. In case there is a lapse in request for removal of banner a reminder is sent to the content owner before archiving the same.

For few of the components like Notifications, Tenders, Vacancies the content Published On date & Unpublished/Archive Date is always available on the website.

For archival of old contents (documents, schemes, services, forms, websites and contact directory), the content owners are required to send an email to webmaster for archival of the same as per the Content Review Policy.

Content Review Policy (CRP)

The Content Review Policy is prepared in consultation with the content owners (Nodal Officer under the Group heads). The responsibility of review and approval of the content is that of the respective content owner i.e. respective Nodal Officer and Group Heads.

The content is published on Digital India Website only after the approval of the content by the respective approver of the content which is received through an Official email id(.gov.in/.nic.in) at webmaster@digitalindia.gov.in. The CMS Administrator then publishes the content through CMS.

The confirmation of content published on Digital India website is given to the content owner. The records of these communique’ are maintained and are available in CMS.

The entire website content is reviewed for syntax/grammar checks once in a week by the Digital India Website Team.

Security Policy

All security issues related to the website will be addressed as per security guidelines issued by Government of India from time to time. Digital India website contains information which is freely accessible, and may be viewed by any visitor. However, the website maintains a copyright interest in the contents of all of its websites. Except for authorized security investigations and data collection, no attempts will be made to identify individual users.

The website has been audited by Cert-in empanelled auditor and all the vulnerabilities have been fixed. Upon completion, security clearance certificate of cert-in empanelled auditor has been received. A periodic check on the requirement of security certificate is recommended to the web information manager in case there are changes in the functionality or any other environmental changes.

  • Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology has been placed in protected zones with implementation of firewalls and IDS (Intrusion Detection System) and high availability solutions.
  • Before launch of the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology, simulated penetration tests have been conducted. Penetration testing has also been conducted __ times after the launch of the Digital India (digitalindia,gov.in).
  • Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology has been audited for known application level vulnerabilities before the launch and all the known vulnerability has been addressed.
  • Hardening of servers has been done as per the guideline of Cyber Security division before the launch of the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology.
  • Access to web servers hosting the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology is restricted both physically and through the network as far as possible.
  • Logs at __ number different locations are maintained for authorized physical access of Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology servers.
  • Web-servers hosting the Digital India (digitalindia,gov.in) are configured behind IDS, IPS (Intrusion Prevention System) and with system firewalls on them.
  • All the development work is done in a separate development environment and is well tested on the staging server before updating it on the production server.
  • After testing properly on the staging server the applications are uploaded to the production server using SSH and VPN through a single point.
  • The content contributed by/from remote locations is duly authenticated & is not published on the production server directly. Any content contributed has to go through the moderation process before final publishing to the production server.
  • All contents of the web pages are checked for intentional or unintentional malicious content before final upload to web server pages.
  • Audit and Log of all activities involving the operating system, access to the system, and access to applications are maintained and archived. All rejected accesses and services are logged and listed in exception reports for further scrutiny.
  • Help Desk staff at the Digital India Portal Team> monitor the Digital India (digitalindia,gov.in) at intervals of daily to check the web pages to confirm that the web pages are up and running, that no unauthorized changes have been made, and that no unauthorized links have been established.
  • All newly released system software patches; bug fixes and upgrades are expediently and regularly reviewed and installed on the web server.
  • On Production web servers, Internet browsing, mail and any other desktop applications are disabled. Only server administration related tasks are performed.
  • Server passwords are changed at the interval of _number months and are shared by _number persons _name and _name.
  • _name and _name have been designated as Administrator for the Digital India (digitalindia,gov.in) and shall be responsible for implementing this policy for each of the web servers. The administrator shall also coordinate with the Audit Team for required auditing of the server(s).
  • Digital India (digitalindia,gov.in) has been re-audited for the application level vulnerability after major modification in application development [Not applicable at first launch].
  • The Digital India (digitalindia,gov.in) has been audited before launch and has complied with all the points mentioned in the policies document of the Cyber Security Group mentioned above.
  • Digital India (digitalindia,gov.in) has also been subjected to an automated risk assessment performed through vulnerability identification software before and after the launch and all the known vulnerabilities have been addressed.

Website Monitoring Plan

The Department provides this website and the information it contains as a public service. This system is monitored to ensure proper operation, to verify the functioning of applicable security features, and for comparable purposes. Anyone using this system expressly consents to such monitoring.

Website is monitored periodically. The parameters like Performance, Functionality, Broken Links and Traffic Analysis are ensured for its optimal performance.

The Feedback mechanism through feedback form made available for taking feedback from the visitors. Also have a mechanism for feedback analysis It will help enhancements of the website as suggested by the visitors.

Contingency Plan in the event of defacement

Defacement Protection Policy

  • The Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website is security audited for application vulnerabilities and performance.
  • Any application-level modification on the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website implies re-audit of the website.
  • Only system administrator users are allowed to access the servers for doing administration and configuration tasks.
  • All servers are in lock and net secured.
  • Contents are updated through secured FTP using VPN.

Monitoring of defacement of Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website

There are two ways of monitoring the defacement of the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website.

  1. Cyber security division is continuously monitoring by analyzing the log files. The Central help desk at NIC (HQ) data Centre is also monitoring the websites at regular intervals for possible defacement or undesirable change in the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website.
  2. The Development team also monitors the website regularly. In case of any eventuality, whoever notices it first shall inform the Technical Manager and Web Information Manager on Phone as well as through email.

Actions to be taken after defacement

As soon as the Technical Manager and/or Web Information Manager receive the information regarding the defacement of the website, the following steps will be taken:

  • Stoppage/partial stoppage of the website according to the degree of defacement.
  • Analyzing log files and troubleshooting the source of defacement and blocking of the service.
  • Analyzing type of defacement and fixing it.
  • In case of complete loss of data, restoring the website data from backup or starting of website from DR site in case of long down time.
  • Fixing of all vulnerabilities on the basis of security recommendations and re-auditing of applications.
  • Restoring the affected /corrupted contents from the backup and restoring the site.

Time for Restoration of the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website after defacement

The time taken for restoration of the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website depends on the degree of defacement and services affected by the defacement.

Data Corruption

Regular back-ups of the website data are being taken in AWS Cloud. These enable a fast recovery and uninterrupted availability of the information to the citizens in view of any data corruption. Regular back-ups of the website data are being taken in AWS cloud. These enable a fast recovery and uninterrupted availability of the information to the citizens in view of any data corruption.

Hardware/Software Crash

Though such an occurrence is a rarity, still in case the server on which the website is being hosted crashes due to some unforeseen reason, the web hosting service provider - _____ has enough redundant infrastructure available to restore the website at the earliest. Generally, Time required for starting a website from another server will take about 24 hours.

Natural Disasters

There could be circumstances whereby due to some natural calamity (due to reasons beyond the control of any person), the entire data center where the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website is being hosted gets destroyed or ceases to exist. In such an eventuality, in-charge of NIC will instruct that the Digital India (digitalindia,gov.in), Ministry of Electronics & Information Technology website to be started from the DR site.