National Database and Registration Authority (NADRA) has assured the citizens of Pakistan that their data is fully secure, and no incidents of data breach have ever been recorded to date.
The NADRA spokesperson stated this in a statement issued here on Monday.
The spokesperson also highlighted that under the directions of Chairman, Tariq Malik, NADRA has established information security department charged with evaluation and mitigation of external and internal security threats.
NADRA employs proactive means of protecting citizen data stored in the National Data Warehouse, adding that confidentiality, integrity and availability of data lie at the heart of the systems, policies and procedures that govern the transmission of data.
NADRA has deployed new technology tools to safeguard citizens against identity theft and to protect documents against alteration and forgery.
Spokesperson said that the authority after having analyzed through the behavioral trends of the data has become more vigilant and routinely takes notice of suspicious attempts to obtain CNICs through the use of fake documents.
It instantly investigates such cases to hand over correct information to staffers.
The spokesperson added that internal security is just as crucial to NADRA, and the organization has lived up to its role as a pioneer of cutting-edge security solutions in the country and world-wide, implementing information security strategies, processes and protocols that ensure complete confidentiality, integrity and availability of data. It is this unflinching resolve that has enabled NADRA to achieve “CMMI Maturity Level III” from the US-based Carnegie Mellon Software Engineering Institute (SEI) after rigorous appraisals in activities relating to project management, technology, development and quality management.
An ISO 27001-certified directorate, the NADRA network department as well as the services and applications it hosts are fully secured as per International Organization for Standardization (ISO) regulations. A wide range of security procedures have been adopted to safeguard NADRA network including but not limited to physical security, firewall, intrusion detection and prevention systems, Syslog Servers, antivirus and anti-spam tools, and network protocol analyzer. After reviewing the responses on questions related to security of citizen’s data, Transparency International also announced that citizen’s data is safe in Nadra’s National Data warehouse.
The spokesperson noted that it is because of NADRA secure data center and security locked National Datawarehouse that other institutions have also hosted their sensitive data and servers in NADRA as well.