Menu

EVOLUTION INFO-SECURE

SECURITY, SENSE & ETHICS

IT ACT COMPLIANCE CONSULTING

CYBER SHEILD™:

EVOLUTION has developed Cyber Shield™ which is specially designed for organizations which primarily do not have a Cyber security program. 
CYBER SHEILD™ can also be used for all kinds businesses, which will help prevent your computer systems against attempts of hacking and attacking from insiders and outsiders.

The details are as follows:-

EVOLUTION INFO SECURE provides your organization with IT SECURITY COMPLIANCE CONSULTING  and general cyber security auditing which will be in line with the IT Act- Which would help your organization to comply with the IT act requirements, our compliance consulting services, will include a full inspection of your current system architecture based on risk assessment and suggest you with any needed changes which will help you make your IT infrastructure more safe to use, also it will help you to maintain a proper record of the 'Reasonable Security practices and procedures' as notified by the Government as per IT act via notification GSR 313(E) to maintain the "Reasonable Security Practices" within the organization.

We look into following aspects, which forms core of Cyber Shield™:

  • Operating system security - Since operating system is serves as backbone for any business, it’s the platform for any application to work on, we help you to optimize your operating system and spot and shield known vulnerable points in the operating system and making it more secure to use, than ever before.
  • Internal auditing - We also provide your organization with INTERNAL AUDITING SERVICES and train your staff with regard to internal auditing. We help you audit existing policy of your organization and correcting the faulty practices of conducting the business operations. Our policy audit helps our clients to spot their weakness and strengths and make appropriate changes in the existing policy for a more secure and confident working environment.
  • Network security – Auditing in the network security area looks for any weakness in the current network architecture. We review your network by scanning the systems and searching for the open windows which might compromise the security. “EVOLUTION INFO SECURE SERVICES” provide you best in class wireless security models in your office/home to make your local networks more fast, secure and reliable to use within. We help you to choose the best hardware and encryption levels which are just perfect for your environment to use internet without any fear of being hijacked by any one. As we know that there are been many incidents of cyber attacks by criminals who use the wireless networks to commit crimes and send threatening mails right from your network.

As a need to provide your organization with a holistic information security, we help you form proper security policies to protect your information assets.

CYBER SHIELD™ DELIVERABLES:-

1. Baseline Security Report.

2. Risk Assessment and Mitigation strategy.

3. Comprehensive Information Security policy and procedures based on the Risk assessment.

With the above core components that will be aligned to ensure proper security of information assets, we also look into physical security, access control methodologies, business continuity, password policies,etc. which are also essential to have a proper layered security approach. Kindly contact us to know more about Cyber shield™ programme.

IT Act & Compliance

The recent amendments in the Information technology Act, specifically under section 43A, have mandated the organizations- be it of any shape, size or structure which deals with sensitive personal data in its computer resources have to protect the customers data via proper procedures. If an organization is negligent in maintaining proper security of sensitive information and thereby causes a wrongful loss or wrongful gain to any person, such an organization will be liable to pay damages by way of compensation to the person so affected.

The law defines sensitive personal information as password, financial information eg. bank account, credit/debit card number, physical, physiological and mental health condition, sexual orientation medical records and history, biometric information,etc.

Law mandates that the sensitive information must be protected via proper security procedures. With "reasonable security practices and procedures"

Non-compliance with any of the provisions of the data privacy rules is penalized with a compensation /penalty of upto Rs. 25,000 under section 45 of the Information Technology Act.  Also, there may be liability under section 43A of the Information Technology Act. Under the original ITAct 2000, compensation claims were restricted to Rs. 1 crore. Now claims upto Rs 5 crore are under the jurisdiction of Adjudicating Officers. Claims above Rs 5 crore are under the jurisdiction of the relevant courts. In some cases there may be liability under section 72A of the Information Technology Act, imprisonment upto 3 years and with a fine of Rs. 5 lakhs. Moreover, other sections could also be applicable by misuse of computer resources within an organization by its employee/s or in case of compromised systems, which are not protected by proper means, some of them are tabled as follows.

Section 43A and 72ARelating to data privacy
Section 7ARelating audit of documents, records, and info in electronic form.
Section 43Relating Civil penalty risk
Section 65Tampering with computer source documents
Section 66, 66A-FHacking with computer system
Section 67,67A-CPublishing obscene information in electronic form

For Section 65 there are penalties with regard to tampering which is punishable with imprisonment up to 3 years, or fine upto Rs.2 lakhs or both.

For committing hacking the penalties may go up to 3 years imprisonment and fine of Rs.3 lakhs or both.

For Section 67 and related amendments, the penalties varies from 3 years imprisonment and fine of Rs. 5 lakhs.

 

EVOLUTION with its knowledge &  expertise will help your organization to implement proper controls so as the computer resources would be resistant to any type of misuse either knowingly/ unknowingly by employees as we understand that humans are the weakest link to security and also computer resources become audit-able so as to have a proper record of  any unwanted events in case they happen and also to comply with the act.

 

 

 

evolution info secure logo




Online form

Click here  to fill the form online and we will get in touch with you.