Professional Documents
Culture Documents
IT
in
NSDL
1
AGENDA
1.. NSDL System
Overview
An analogy
NSDL today
NSDL Technology
2.. Services
Basic
Value Added
3.. Benefits
4.. Threat Perception
5.. Security Measures
6.. Business continuity planning (Network)
2
7.. IT Audit Practices
NSDL - Bank -- An Analogy
BANK NSDL
3
NSDL Today
CC -1 SR-1
DEPOSITORY
CLEARING REGISTRAR
CORP.
CC - 2 NSDL SR-2 /ISSUERS
CC - 3 SR-3
DP - 1 DP - 2 DP - 3 DP - 4 DP - 5
DEPOSITORY PARTICIPANTS
STAR NETWORK
SWIFT MESSAGING CONVENTION
5
NSDL’s TECHNOLOGY
• SOFTWARE
Developed & supported by CMC Ltd
Modified version of Banking Software TC-4
• HARDWARE
IBM Mainframe system
Standby CPU (in case of main CPU failure)
All network component like- Router,
communication controller etc used.
• Disaster back-up site
• Power failure back-up
6
Services
• BASIC SERVICES
• Account maintenance
• Dematerialization
• Rematerialization
• Market transfer
7
Value Added Services
Internet-based services such as
SPEED-e
IDeAS
STeADY
• Stock lending.
8
Benefits
9
Threat Perception
10
Security Measures Scope
12
Depository Internal Office
Infrastructure - Cont.
• Internet Access
– Governed by Internet Usage Policy
– Access only through Proxy Server
– E-Mail send / receive to server hosted
outside
– Only HTTP / HTTPs ports allowed
– ICMP blocked No access from outside
13
Depository Internal Office
Infrastructure - Cont.
• Virus Protection Mechanism
– Gateway Scanner
– Emails / Attachments scanned on Mail
Server
– Desktop Anti Virus Protection
• Physical Access
– Proximity Card
– Video Surveillance
– Asset Movement Monitoring 14
Internet based Services
• Authentication
– Password
– PKI / SMART Card
• 3 Tier architecture
• Clustering (partition of Hard disk)
• Firewall / IDS (eg to protect OS)
• Disaster back-up site
• Power Failure back-up
• Machine Level Back-up 15
Business Continuity Planning
Network
NSE Primary NSE DRS HUB
HUB, Mumbai,
X. 25 VSAT Cloud
NSE NET
NSDL Primary
Production Site ISDN / PSTN
Mumbai
NSDL NET
Fall Back
NSDL TC
NSDL DRS
Leased Line
NSDL NET Business 16
7
Partners
IT Audit Practices
• Security Committee
• Vulnerability Assessment Group
• Risk Analysis Group
• Security Audit and Penetration Testing
• Surprise audit by Security Officer
Reporting to MD
17
Any Question
18
Thanks for Cooperation
kanhaiya
keshri
ritu
19