I have moved the key burning questions about #Aadhar to a new post. Indian citizen is not aware of the answers to these questions and UIDAI needs to answer the questions before forcing Aadhar down our throat. I am surprised that IT industry leaders are not asking these questions to the government.
Few burning questions regarding #Aadhar are as follows
1) Was #Aadhar architecture designed to handle this large volume of transaction?
2) Is #Aadhar secure enough to be accessed by any private company that wants to use it?
3) Who is monitoring the use of Aadhar data by private companies?
4) If the Aadhar Database is secure then why has Aadhar data been leaked so many times in last 2 years?
5) Has any independent agency conducted an audit of the #Aadhar Software? Why is govt not publishing the report of such audit so that Indians are reassured that their bio-metrics are safe?
6) Today hardly 1% of Indians have #Adhar card, Will Aadhar will the system be able to handle #Aadhar transaction when entire India has #Aadhar and every private company starts accessing #Aadhar database to authenticate the customer?
7) If Software Audit of Aadhar Software has not been done so far it is a huge concern, Who are the CEO & CTO of #Aadhar Software (UIDAI) and why have they not advised the government to conduct 'Yearly Software Audit' of such a crucial software that is going to handle and manage world's biggest citizen bio-metrics database?
8) Does the Aadhar team not think it is necessary to audit the security, availability & scalability of its system by an independent expert agency?
9) Why is #Aadhar & Government not publishing a whitepaper on the security and stability of Aadhar system, particularly after a series of data breaches have been reported by the media?
10) How can #Aadhar team get away fro the responsibility by saying the data breaches were not at the source?
11) Finally if citizen's bio-metrics data is leaked will he be able to sue the government?
I hope someone from the UIDAI & Govt reads this blog and many other blogs by IT industry experts and better sense prevails. Software systems are great enablers but if they are not designed well they can play havoc beyond our imagination and that is why software industry defines processes and guidelines to ensure development and maintenance of quality software. It would be sad if the most crucial software of India takes a hit because of a bunch of overconfident and under qualified engineers that decide not to use external agencies to validate the software they have built. Indian Govt needs to take measure to ensure security of internet transactions and review the laws to ensure consumer protection. The slogan of Digital India should be changed to Digital India, Secure India. Is #Aadhar 100% secure? I will believe when government publishes a whitepaper on the security measures take to ensure Security of my #Aadhar data and justifies why #Aadhar is being allowed to be used by private companies. It seems we have not learned anything from the mistakes committed by USA when they implemented SSN (Social Security Number)
Few burning questions regarding #Aadhar are as follows
1) Was #Aadhar architecture designed to handle this large volume of transaction?
2) Is #Aadhar secure enough to be accessed by any private company that wants to use it?
3) Who is monitoring the use of Aadhar data by private companies?
4) If the Aadhar Database is secure then why has Aadhar data been leaked so many times in last 2 years?
5) Has any independent agency conducted an audit of the #Aadhar Software? Why is govt not publishing the report of such audit so that Indians are reassured that their bio-metrics are safe?
6) Today hardly 1% of Indians have #Adhar card, Will Aadhar will the system be able to handle #Aadhar transaction when entire India has #Aadhar and every private company starts accessing #Aadhar database to authenticate the customer?
7) If Software Audit of Aadhar Software has not been done so far it is a huge concern, Who are the CEO & CTO of #Aadhar Software (UIDAI) and why have they not advised the government to conduct 'Yearly Software Audit' of such a crucial software that is going to handle and manage world's biggest citizen bio-metrics database?
8) Does the Aadhar team not think it is necessary to audit the security, availability & scalability of its system by an independent expert agency?
9) Why is #Aadhar & Government not publishing a whitepaper on the security and stability of Aadhar system, particularly after a series of data breaches have been reported by the media?
10) How can #Aadhar team get away fro the responsibility by saying the data breaches were not at the source?
11) Finally if citizen's bio-metrics data is leaked will he be able to sue the government?
I hope someone from the UIDAI & Govt reads this blog and many other blogs by IT industry experts and better sense prevails. Software systems are great enablers but if they are not designed well they can play havoc beyond our imagination and that is why software industry defines processes and guidelines to ensure development and maintenance of quality software. It would be sad if the most crucial software of India takes a hit because of a bunch of overconfident and under qualified engineers that decide not to use external agencies to validate the software they have built. Indian Govt needs to take measure to ensure security of internet transactions and review the laws to ensure consumer protection. The slogan of Digital India should be changed to Digital India, Secure India. Is #Aadhar 100% secure? I will believe when government publishes a whitepaper on the security measures take to ensure Security of my #Aadhar data and justifies why #Aadhar is being allowed to be used by private companies. It seems we have not learned anything from the mistakes committed by USA when they implemented SSN (Social Security Number)
No comments:
Post a Comment