s
Financing Infrastructure Beyond Housing

  1. Contingency Plan in the Event of Defacement

    Defacement Protection Policy
    • HUDCO website is security audited for application vulnerabilities and performance.
    • Any application-level modification on the website implies re-audit of the website.
    • All the servers’ configuration and logs are monitored timely.
    • Only system administrator users are allowed to access the servers for doing administration and configuration tasks.
    • All servers are in lock and net secured.
    • Contents are updated through secured FTP using VPN.
    Monitoring of Defacement of HUDCO Website

    There are two ways of monitoring the defacement of HUDCO website:

    • Security Operation Center (SOC), Help Desk team at HUDCO Data Center, and Website hosting site (ESDS) are continuously monitoring the HUDCO website by analyzing the log files. They also monitor the websites at regular intervals for possible defacement or undesirable changes in the HUDCO website.
    • The Development team also monitors the website regularly. In case of any eventuality, whoever notices it first shall inform the Technical Manager and Web Information Manager on phone as well as through email.
    Actions to be Taken After Defacement

    As soon as the Technical Manager and/or Web Information Manager receive the information regarding the defacement of the website, the following steps will be taken:

    • Stoppage/partial stoppage of the website according to the degree of defacement.
    • Analyzing log files and troubleshooting the source of defacement and blocking of the service.
    • Analyzing type of defacement and fixing it.
    • In case of complete loss of data, restoring the website data from backup or starting the website from DR site in case of long downtime.
    • Giving log files to the security division for analysis.
    • Fixing of all vulnerabilities based on security recommendations and re-auditing of applications.
    • Restoring the affected/corrupted contents from the backup and restoring the site.
    Contact Details in Case of Any Eventuality of Defacement
    S.No Name Designation E-mail Contact No. Organization
    1 Rupesh Shah ED (IT) rupesh@hudco.org 9810713788 HUDCO
    2 Satpal Singh DGM (IT) ssatpal@hudco.org 9810079988 HUDCO
    3 Poonam B Rajpal AGM (IT) pb@hudco.org 9810661642 HUDCO
    4 Abhishek Sharma WD abhishek.sharma91@cipl.org.in 9873477663 CIPL

    Time for Restoration of HUDCO Website After Defacement


    The time taken for restoration of HUDCO website depends on the degree of defacement and services affected by the defacement.

    Data Corruption

    Regular back-ups of the website data are being taken in HUDCO Data Centre. These enable a fast recovery and uninterrupted availability of the information to the citizens in view of any data corruption.

    Hardware/Software Crash

    Though such an occurrence is a rarity, still in case the server on which the website is being hosted crashes due to some unforeseen reason, the web hosting service provider ESDS has enough redundant infrastructure available to restore the website at the earliest. Generally, time required for starting a website from another server will take about 24 hours.

    Natural Disasters

    There could be circumstances whereby due to some natural calamity (due to reasons beyond the control of any person), the entire ESDS Data Center where HUDCO website is being hosted gets destroyed or ceases to exist. In such an eventuality, in-charge of HUDCO will instruct that HUDCO website be started from the DR site.
    Natural Disasters (DR): Storage-based replication takes place at the DR site.