Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » NCERT starts DIKSHA security audit after data breach reports

NCERT starts DIKSHA security audit after data breach reports

NCERT starts DIKSHA security audit after data breach reports

The National Council of Educational Research and Training (NCERT) has initiated a third-party security audit of the Diksha (Digital Infrastructure for Knowledge Sharing) app, following reports of a breach of data belonging to the government-run platform.

Diksha is a national platform for school education developed by Bengaluru-based EkStep Foundation. It is an initiative of the NCERT under the aegis of the Ministry of Education. As per its website, Diksha has almost 167 million enrolments.

The audit is to further ensure that data remain secure on Diksha, said the Central Institute of Educational Technology (CIET), which is part of the NCERT to promote the use of technology in education.

CIET joint director Amarendra P Behera, who is in charge of the Diksha app, told ET that the NCERT had taken note of concerns regarding students and teachers’ personal data being stored in an unprotected cloud server, as claimed by a Human Rights Watch (HRW) report.

In its reply to the HRW, the NCERT confirmed that Diksha does not collect precise location data, time of current location, or last known location, he said.

“Diksha only gets approximate state and district information (based on device IP). The state and district of the user is stored in the system only after confirmation from the user and is used to show the user-curated content specific to the user’s school board or state. The IP address is also not stored,” Behera told ET in an email.

The HRW, in its report, said an app-specific analysis showed that Diksha collects and transmits children’s Android Advertising IDs (AAIDs) to Google through two software development kits (Google Firebase Analytics and Google Crashlytics) embedded in the application.

The fact that Diksha collects such data is not mentioned in its privacy policy, HRW said.

The NCERT has asked EkStep, the organisation managing the technical operations of Diksha, to further ensure that all the data are stored in a secured way, with access only to the approved users, Behera told ET.

“Besides, the NCERT has initiated a third-party security audit of Diksha to further ensure that data remains secure on DIKSHA,” Behera said.

In response to ET’s questions, EkStep said Ekstep Foundation is not operating Diksha and that it cannot make any comments on the report of data breach.

Launched in 2017, Diksha has been adopted by almost all the states, union territories, and central autonomous bodies/boards including CBSE. Diksha can be accessed by learners and teachers across the country and currently supports 36 Indian languages.

Each state/UT leverages the platform in its own way, to design and run programmes for teachers, learners, and administrators.

The 2022 report of the HRW came to the fore, after reports emerged in late January said a cloud server storing Diksha’s data was left unprotected for over a year, exposing that to hackers and scammers.

On February 15, the Internet Freedom Foundation wrote to the National Commission for Protection of Child Rights chairperson Priyank Kanoongo, expressing concerns that this breach violated the students’ fundamental right to privacy.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket