Principal Director, Department of Information Technology, Government of Sikkim
Please give your views on the importance of Data Centres in the States. How do you correlate this technological intervention with good governance?
It is important to have a Data Centre in the states, as it would enable having a central repository of all databases and is very important in the present scenario. Island computerisation is happening with various other departments maintaining their own servers. There is a lack of integration. Having SDC would go a long way in stimulating back end computerisation, which is the present need of the hour. Our state wide area network (SWAN) is also completed and running through where we have provided Internet connectivity up to the Block levels. Steadily Internet connectivity in the state would be ubiquitous and would be available everywhere either through GPRS, broadband or the SWAN. Unless we focus on developing backend database in the SDC, our SWAN becomes a highway without cars.
What is the status of the Data Centre implementation, under National e-Governance Plan, in the state? When did you expect it to complete?
With regard to the State Data Centre implementation is concerned, the technical bids are in the process of being evaluated and we expect to open the commercial bids by the end of November 2009. We expect the Data Centre to be established by August 2010.
Please name some of the mission critical applications that will run on DC. What is your strategy to ensure maximum uptime for these operations, in particular and resilience in IT systems in general?
Mission critical applications that would run on the Data Centre are land records, e-District, VAT, treasury etc. We also plan to use the Data Centre with a facility in which databases can be queried and updated through mobiles. Sikkim is rich in natural and man-made resources and it is in this context that we would be hosting a powerful GIS server in the Data Centre along with high resolution satellite maps. The ultimate aim would be to use GIS as a tool for planning and decision-making.
Public data is invaluable. What is your roadmap to ensure maximum data security?
Along with various security hardening controls to be deployed at the operating system, applications, database and other network and server components– the web servers will be distributed in various Demilitarised Zone (DMZs) with the help of layered fi rewall architecture. The Perimeter Firewall will have the entire network including servers and Storage Area Network (SAN) in DMZ zone and all the Network Operations Centre (NOC) etc in Trusted ZONE. Our NOC will be in trusted Zone and highly secured. To protect our entire core network including server we will use an internal fi rewall. The Internal fi rewall will be in the DMZ Zone of the perimeter fi rewall, and the Internal Firewall will further segregate the network in DMZ and trusted Zone. So the Trusted Zone of the Internal Firewall will include the DB servers and Application servers. The DMZ Zone will include Web Servers.
Security through the network will be achieved with the application of granular ACLs between routers, switches, and VLANs, which will give administrators control to permit traffi c that is relevant to the needs. Additionally, any traffi c that is destined to the switches directly will be denied with the exception of encrypted SSH traffi c from authorised administrative workstations. Internet Control Message Protocol (ICMP) packets will also be prevented from being transmitted through the switch to prevent host discovery and denial of service attacks.
Can you discuss about challenges in setting up and running DC?
We won’t face any challenges as such as the running and maintenance of the SDC would be outsourced for a period of 5 years, which does not mean that the Department would abdicate from its responsibilities. We would be constantly monitoring the SDC.
How competent is your department to oversee the Data Centre in the long run?
The Department is competent enough to handle the running of the SDC, As such we would be posting some of our programmers/staff after the SDC becomes operational to keep an eye on the ongoing and also to learn the fi ner aspects of operation of SDC. The Department would also have a proper exit plan in place to take over after fi ve years. \\