According to the Department of IT of the Nepal government, websites and web applications should take the following measures to maintain security.
This is from the official notice published by the Nepal government's IT Department.
The department requested the concerned authorities and departments to apply the extra security measures below for the safety of their web applications:
- Keep a backup of the files associated with the website/web application in both offline and online mode.
- Remove unnecessary files, databases, and applications from the application host immediately.
- Use SSL encryption on the website for additional security.
- Apply a strong password policy.
- Store passwords in the database only after applying one-way hashing methods and encryption measures.
- Use multifactor authentication.
- Keep the files of the web server environment and web application platform up to date and store the latest information.
- Stop or restrict unrestricted file uploads on the server.
- Keep the software development platform and OS of the site private and hidden from normal users.
- Stop unnecessary service ports.
- Block users who attempt to log in with the wrong credentials.
- Test the security of your website/web application once a year, using testing methods that follow the OWASP (Open Web Application Security Project) security guidelines.
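
As an added illustration (not part of the official notice), the Python sketch below combines two of the points above: storing passwords only as salted one-way hashes and blocking users after repeated wrong credentials. The `LoginGuard` class, the scrypt cost parameters, the limit of 5 failures and the 15-minute block are assumptions; the notice does not specify any of them.

```python
import hashlib
import hmac
import os
import time

MAX_FAILURES = 5        # assumed threshold, not given in the notice
LOCKOUT_SECONDS = 900   # assumed 15-minute block
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)  # assumed cost parameters

def hash_password(password: str) -> bytes:
    """Return salt + scrypt digest; the plain password is never stored."""
    salt = os.urandom(16)  # fresh random salt for every password
    return salt + hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)

def verify_password(password: str, stored: bytes) -> bool:
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return hmac.compare_digest(candidate, digest)  # constant-time compare

class LoginGuard:
    """Hypothetical in-memory user store with per-user lockout."""

    def __init__(self):
        self.users = {}  # username -> salt + digest
        self.state = {}  # username -> (failure count, locked-until time)

    def register(self, username: str, password: str) -> None:
        self.users[username] = hash_password(password)

    def login(self, username: str, password: str, now=None) -> str:
        now = time.time() if now is None else now
        count, locked_until = self.state.get(username, (0, 0.0))
        if now < locked_until:
            return "blocked"  # refuse before checking the password at all
        stored = self.users.get(username)
        if stored is not None and verify_password(password, stored):
            self.state.pop(username, None)  # success resets the counter
            return "ok"
        count += 1
        if count >= MAX_FAILURES:
            self.state[username] = (0, now + LOCKOUT_SECONDS)
        else:
            self.state[username] = (count, 0.0)
        return "denied"
```

A production system would persist the failure counters and would usually also rate-limit by source address.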
Read the official notice from the IT Department of Nepal Government.