In the recent times the Digital Economy has enabled multiple avenues for a common man. Internet access is becoming cheaper every day and is complemented by over 100 crore mobile phone users in India. Electronic transactions like online shopping, bill payments, movie/train/air ticket bookings, funds transfer, e-wallet payments, online banking and online insurance etc. are happening with extreme ease at the touch of a finger. However, this comfort brought by a digitized economy is accompanied by a definite but avertible security threat.
Every transaction on a digital platform is linked with some form of sensitive personal information. It can be an individual’s User Name, Password, Account Number, PAN Number, Aadhar Number, Biometric details, email-ID, Debit/Credit Card Number, CVV Number and Transaction OTP (One Time Password) etc. If the above information leaks intentionally or unintentionally, or if it is stolen or falls in wrong hands the repercussions could be serious. The security of these sensitive personal details is of paramount importance and to greater extent, the responsibility of securing this information rests with every individual like us.
Every individual has a definite role to play in protecting his/her own information. The individuals using digital platforms need to handle this sensitive personal information at par with their own valuable ornaments or assets. Individuals should exercise caution while sharing their own information with any third parties or service providers including e-commerce websites, financial institutions etc. User Name, Passwords, Transaction OTP, Card CVV numbers should strictly not shared with anyone.
This data theft can happen manually or even through smartphones and personal laptops/desktops at home. Due care should be taken before installing any application on mobile and its trustworthiness shall be assessed thoroughly. Antivirus is a must installation for mobiles and home laptops/desktops. Regular updates and patching will maintain basic security hygiene. Business organizations are relying upon the latest technology to offer various competitive services or products and they are striving hard to keep the customers data safe and secure. Multi-layered protection measures are being deployed around the technology handling customer information. With the digital push, industry regulators like RBI, IRDAI, SEBI etc. have issued a series of information security measures to be followed; highlighting their commitment towards protection of customer information. Many banks, have adopted industry best security practices in their efforts for securing customer information.
The Indian Government is equally serious about information security and has taken many initiatives for spreading security awareness through CERT-In advisories and establishment of Cyber Swachhata Kendra – www.cyberswachhatakendra.gov.in. This portal provides useful alerts on cyber threats and useful tools for removing BOT malwares and protection of mobiles, USB devices and browser security. Most of these tools can be downloaded free of cost.. The Government has not stopped only with advisories but also working on a Data Protection Act, which will soon become a reality in India. This act is being drafted keeping the protection of personal information in focus. Such a law is the need of the hour in today’s internet driven economy.
Thus, information security is being tackled wholeheartedly by Central, State governments and business organizations. However, their efforts will be fruitful only when every individual will contribute to the common cause of information protection. On this International Computer Security Day – 30 November, let’s commit ourselves for the security of our own information and imbibe the security aware culture.
The author is chief information security officer at SBI General Insurance.