COPYRIGHT POLICY:
Material featured on this website may be reproduced free of charge. However, the material has to be reproduced accurately and not to be used in a derogatory manner or in a misleading context. Wherever the material is being published or issued to others, the source must be prominently acknowledged. However, the permission to reproduce this material shall not extend to any material which is identified as being copyright of a third party (user submitted content). Authorization to reproduce such material must be obtained from the copyright holder concerned.
COOKIES POLICY
A cookie is a piece of software code that an internet web site sends to your browser when you access information at that site. A cookie is stored as a simple text file on your computer or mobile device by a website’s server and only that server will be able to retrieve or read the contents of that cookie. Cookies let you navigate between pages efficiently as they store your preferences, and generally improve your experience of a website. TRIHARAM use following types of cookies to enhance your experience and interactivity with TRIHARAM its sub-domains:
1. Analytics cookies for anonymously remembering your computer or mobile device when you visit our website to keep track of browsing patterns.
2. Service cookies for helping us to make our website work efficiently, remembering your registration and login details, settings preferences, and keeping track of the pages you view.
3. Non-persistent cookies a.k.a per-session cookies. Per-session cookies serve technical purposes, like providing seamless navigation through TRIHARAM and its sub-domains. These cookies do not collect personal information on users and they are deleted as soon as you leave our website. The cookies do not permanently record data and they are not stored on your computer’s hard drive. The cookies are stored in memory and are only available during an active browser session. Again, once you close your browser, the cookie disappears.
You may note additionally that when you visit TRIHARAM and its sub-domains where you are prompted to log in, or which are customizable, you may be required to accept cookies. If you choose to have your browser refuse cookies, it is possible that sub-domains of TRIHARAM may not function properly.
Security Policy
1. TRIHARAM has been placed in protected zones with implementation of firewalls and IDS (Intrusion Detection System) and high availability solutions.
2. Before the launch of the TRIHARAM, simulated penetration tests were conducted. Penetration testing has also been conducted thrice after the launch of the TRIHARAM.
3. TRIHARAM has been audited for known application level vulnerabilities before the launch and all the known vulnerabilities have been addressed.
4. TRIHARAM has been re-audited for the application level vulnerability after major modification in application development.
5. Hardening of servers has been done as per the guidelines of the cyber security division before the launch of the TRIHARAM.
6. Access to TRIHARAM web servers is restricted both physically and through the network as far as possible.
7. Logs at three different locations are maintained for authorized physical access of TRIHARAM servers.
8. TRIHARAM web-servers are configured behind IDS, IPS (Intrusion Prevention System) and with system firewalls on them.
9. All the development work is done on a separate development environment and is well tested on the staging and preprod server before updating it on the production server.
10. After testing properly on the staging server the applications are uploaded to the production server using SSH and VPN through a single point.
11. The content contributed by/from remote locations is duly authenticated and is not published on the production server directly. Any content contributed has to go through the moderation process before the final publishing to the production server.
12. All contents of the web pages are checked for intentional or unintentional malicious content before final upload to web server pages.
13. Audit and Log of all activities involving the operating system, access to the system, and access to applications are maintained and archived. All rejected accesses and services are logged and listed in exception reports for further scrutiny.
14. Help Desk staff at the NIC Data Centre monitor the portal round the clock to check the web pages to confirm that the web pages are up and running, that no unauthorized changes have been made, and that no unauthorized links have been established.
15. All newly released system software patches; bug fixes and upgrades are expediently and regularly reviewed and installed on the web server.
16. On Production web servers, Internet browsing, email and any other desktop applications are disabled. Only server administration related tasks are performed.
17. Server passwords are changed at the interval of three months and are shared by one person TRIHARAM Owner.
18.TRIHARAM Owner has been designated as Administrator TRIHARAM and shall be responsible for implementing this policy for each of the web servers. The administrator shall also coordinate with the Audit Team for required auditing of the server(s).
Compliance
The TRIHARAM has been audited before launch and has complied with all the points mentioned in the policies document of the cyber security group mentioned above.
TRIHARAM has also been subjected to an automated risk assessment performed through vulnerability identification software before and after the launch of the portal and all the known vulnerabilities have been addressed.
Cyber security groups address security needs using IDS/IPS, Firewall etc.
Data Accuracy Policy
TRIHARAM takes all steps possible to ensure that the data on the platform is accurate. If something is found to be inaccurate TRIHARAM will make every effort to correct said information as quickly as possible. If it is found to be an inaccuracy with the entire system TRIHARAM will work swiftly to correct the problem so that your web experience is as trouble-free as possible. The information contained on is subject to change without prior notice.