Question 1:

You have been appointed as IT Head of a soon to be opened Retail chain store by the name
of “India Retail Store” which will have branches all over India. India Retail store is a
Private Limited company. Highlight atleast 5 security threats that a Retail store may face
in today’s times and suggest 5 innovative IT security mechanisms to ensure that such
threats do not harm your Retail store chain & that your systems remain as secure as ever.

Ans 1.

Introduction
In modern organisation, that are highly connected, there is a constant threat from harmful
software and malicious intent. To open a retail chain store in India, we have to setup information
system at all levels, and to operate the stores smoothly and in response to threats setting up
technologies to handle security is a must. In India, the major problem that a bank may face is the
issue associated with cybercrimes. The data available on the bank's sever may be hacked or
misused or the user can be phished.

Concepts & Application

Five security threats to bank

The five most significant threats to any newly open-end bank in India:

Crackers: Cracking is act of breaking into computer or computer network illegally. For every
financial institution or retail store both have big data of their customers and both the organisation
involve financial transactions, compromising on the security from crackers may lead to huge
financial losses to the customers as well as of the institution. Crackers use social engineering
which is manipulation of unsuspecting users to extract private information. Espionage the human
or computer helps the cracker to get to victim network and later leaves spyware software to
identify the activity and find the suitable moment to breach and gain the information. By this
mean they may also do the financial transactions from bank’s server.
Malware: User/customer device can be compromised with malware, spyware, worms, or
viruses. It can pose a severe risk on Retail chain cyber security on every occasion when the user
accesses our network. The user may interact with our server in the forms of emails, using website
or the service offered by store online. There is a possibility that malicious software could gain
access to sensitive information or damage computers and servers connected to a network,
causing huge monetary and non-monetary losses to a company.

Third party Services: With the increase outsourcing information system management, it is
imperative that outsourced agencies maintain standards in maintaining the security of their
services. It may cause trouble if the third-party vendors do not have accurate cyber security
measures in place. It'd then be able to impact bank. Hence, the bank must look into the
measures through which it can safeguard itself from the threat of third-party intrusions before
deploying any kind of solution to their problems. The same has to be followed while opening up
a new retail store that the vendors have to follow strict security measures.

Phishing and Data Manipulation: Phishing means the attempt to get sensitive information like
credit card or bank details. The source may be phishing the customer or the database.
Cybercriminals today have located numerous new techniques to hack the statistics. They can
steal the customer data and do fraudulent transactions or manipulate the data to cause turbulence
in the organization. They try to alternate or alter the information available on the cloud which
look more or less like every other credentials. This cause massive loss to the economic
institutions and might incur millions of dollars of damage. So, the bank has to be very careful
while managing the database. The same thing can happen in retail chain too as customer save
share much private credentials to the organisation, like addresses, phone number, banking
details(saving cards at website), cause much risk of data theft of customer or such information is
good enough to bate the customer for phising.

Spoofing: This is hacking technique that hackers do by impersonate a banking internet site’s
URL with a website that appears and functions exactly the identical. It's miles harmful because
as and when the consumer shall enter their login facts, the hackers might be capable of hitting
upon it after misusing it.
Five innovative it security mechanisms

Security Audit & Risk Assessment.

A security audit is a process by which the security features, technology and practice of
organization are scrutinized and make sure it is not compromised. The object is to find
vulnerabilities, identify any risk. Audits examine log files on servers, test software for
weaknesses, examine server access rights and ask questions about regular security practices. Risk
assessment is computing a financial value for the possibility of a particular security failure.
Security audits help a firm achieve its security goals be it a financial institution or a retail chain.
Ensuring tight scrutiny at workplace will reduce the chance of cybercrime and data theft. As
breaching security do not account only the money loss, but also the liability, corporate risk, and
reputational damage. Examine and update the assessment at least once a year. The risk
assessment will assist you in identifying potential consequences and the security service levels
that are necessary.

Strong Authentication Standards

Services that are accessed from outside the organization are at major risk of security breach.
Even when someone accesses services from outside the network or over the internet, it is vital to
authenticate the individual. To authenticate the individual, a range of services are available
including: Two Factor Authentication, Digital Signature Key (Key Cryptography), and RFID
Scanners.

These technologies can be used in banks for accessing banking services online or at the bank, as
well as in shopping centers which authenticate users with a card, a mobile phone, biometric or a
unique number. These authentication tools maintain strong security and facilitates easier
detection when a breach has occurred.

Establishing Perimeter Security

Organization’s server contains web services, email exchange and inbound operational data.
These servers provide internal user access to many services on the internet and are typically first
to be attacked. To secure these servers, they are often isolated from the from the rest of
organization’s network to separate virtual network called demilitarised zone. This DMZ is
further protected by firewall. In Bank security data of customers or inbound communication and
services can be used under DMZ so that no one from outside can infiltrate in these services. And
for services on internet different servers can be used where no confidential data is saved and can
communicate with DB at per requirement.

Securing the Client Commuters

Protection among the network is as important as securing the end system. End system like
Desktop, laptop even mobile phones have to be covered with security technology. In
organization like banks or even retail chain stores original operating systems should be used
which also have inbuilt firewall systems or independent. Such firewall monitors the traffic at
network interface of personal computer.

Along with software update, client must have strong password protected security as many client
computers do not have password security which enable the cracker to access boot and services
without any authentication.

Keep in mind, though, that dangers change and expand all the time. This means that financial
institutions must invest in their technology, people, and procedures on a continuous basis. This is
not a one-time exercise in terms of security.

Customer and Employee education and awareness

As not only the institution is at risk of fraud, but the customer is at higher risk since they lack
awareness and education related to new frauds. To ensure that everyone does their part to protect
and minimise today's breach, education and training programmes should be implemented.

It is very important to consumer have confidence on the company for which he/she is availing
the services. The reputational harm that an online attack can bring is something that no bank or
other business institutions can afford. Investing in security systems, procedures, and people on a
regular basis is a must. Customers can be educated by giving important newsletters or
questionnaire so that the customers can be taught with new or upcoming treats. Otherwise,
institutions risk exposing client data to hackers will increase.
Conclusion:

Today, the bank needs to take innovative measures to stop those mis happenings. Otherwise, the
bank will face varieties of problems, and one could be dropping the customer base. The
alternative is the money owned. So, to avoid some of these contingencies, a bank must verify the
above-mentioned threats. The same threats can also be looked in a retail chain store, since it is
the responsibility of every organization to serve its customer and protect its customer from
fraudulent activities caused from external environment. Since the term technology serves the
purpose of solving the problem of security it is essential for the lengthy sustenance of the newly
open-end retail chain store.
Question 2:
Choose any e-Governance initiative of any country in the world which is aimed at helping
the poor & the needy sections of the society. Enlist atleast 10 benefits of having
implemented this system for the benefit of this downtrodden section.

Ans 2.

Introduction

The term Governance may be described as the process by which society steers itself. And E in E-
governance refers to Electronics. E-governance can be defined because of how the advantages or
perks are provided to the citizens of the country or a selected nation using the software in
Information and Communication Technology (ICT). The interactions among the State, Private
Enterprise and Civil Society are being increasingly conditioned and modified through the
influence of information and communication technologies. For this reason, this method is a
type of governance provided to the citizens by a digital method.

The concept and example of e-governance can be:

 The use of the Internet by Civil Society, NGOs and professional associations to mobilize
opinion and influence decision-making processes that affect them
 The increasing electronic delivery of Government and commercial services and
information
 The electronic publication of draft legislation and statements of direction for public
feedback
 The increased adoption of e-enabled community centres, the liberalization of
telecommunication markets and trends towards web-enabled mobile telephony and digital
television.
Concept & application

In pursuance of the goal of digital India and to reduce poverty in rural India, the government of
India has released many tasks of governance in electronic modes. One scheme which we can
discuss that has benefitted the poor and can be included in e-governance is MGNREGA launched
as NREGAsoft. The scheme represents the very heart of the social infrastructure of the country.
By promoting equality, and by making a holistic and aggressive effort to alleviate poverty, and
thereby encouraging inclusive growth for all, it has fostered equality. The motive of launching e-
governance schemes is to promote:

 To keep the scheme simple and reachable to the beneficiaries.

 To raise moral standards
 To keep the administration accountable
 To be responsive

Progress made towards achieving the benefits of scheme in India show significant poverty
reduction. Social and economic developments are still not fully benefiting the poor and
vulnerable, and government interventions rarely target these groups that are often difficult to
reach due to geographical, infrastructural, and linguistic constraints. The NREGAsoft language-
based e-Governance system is available offline as well as online, to track all NREGA activities
at Centre/State/District/Block and Panchayat levels.

The major benefits which can be availed by the poor and needy section of the society can be as:

 E-governance make available timely and reliable information on various aspects of

governance.
 The information would be made available to simple aspects of governance such as forms,
laws, rules, procedures etc in local language, extending to detailed information including
reports, public database, decision-making processes etc.
 There would be an immediate impact in terms of public savings in time, effort, and
money, resulting from online and one-point accessibility of public services backed up by
automation of back-end processes.
  Application of Information Communication Technology to governance combined with
detailed business process reengineering lead to simplification of complicated processes,
reducing redundant processes, simplification in structures, and changes in statutes and
regulations.
 Simplification in the functioning of government, enhanced decision-making abilities, and
increased efficiency across government all contributing to an overall environment of the
more accountable government machinery.
 Enhanced productivity and efficiency in all sectors along with transparency in the system.
 The rapid growth of communications technology and its adoption in governance help in
bringing government machinery to the doorsteps of the citizens.
 Expansion of telephone networks, rapid strides in mobile telephony, the spread of the
internet, and the strengthening of other communications infrastructure facilitate the
delivery of many services provided by the government at the needed location.
 This enhancement of the reach of government - both spatial and demographic enable
better participation of citizens in the process of governance.
 Improving PPP model for inclusive growth of public and private sector.

Conclusion

Pro-poor e-governance provides opportunities for achieving the development goals by enhancing
local service delivery to the poor. To achieve the Development Goals, governments are strongly
encouraged to implement e-governance for the poor as part of their national poverty reduction
strategy. There are many challenges in implementing e-governance at a large level due to lack of
infrastructure. We need a comprehensive system of monitoring and evaluation of the existing
projects and schemes, as well as planning of future interventions that examine how they impact
the poor and vulnerable.
Question 3
The city of Mysuru is one of the cleanest cities of India and is in close driving distance
from Bengaluru, the IT hub. You have been invited as an external IT consultant by
Government of India with a mandate to convert Mysuru into a “Smart City”

a. Which “Smart” city in the world will you choose as a benchmark to emulate some of the
best practices of that city into Mysuru? Provide atleast 3 reasons with brief descriptions
behind your choice of choosing that particular city as a benchmark?

Ans 3a.

Introduction

Smart cities are the ones which have a modern competitive framework and emphasize the role of
records and ICT in the community. The Ministry of Housing and Corporate Affairs has launched
a variety of innovative town projects. Government is trying to build smart towns throughout the
country and make them citizen-friendly and sustainable.

Concepts & Application

Benchmark for smart city

Using technology to enable local area development and to improve people's quality of life is the
purpose of the Smart Cities Mission.
Singapore should be considered as a benchmark for smart cities, based on my perspective. In
terms of smart mobility, healthcare and safety, efficient governance, and overall liveability,
Singapore is the undisputed leader. These are the top three reasons why Singapore is the smartest
city in the world.
Health and Safety
Singapore has developed models that are collaborative and people-centered. To ensure quality
medical care, Singapore has successfully created a healthcare environment that embraces
innovation. Healthier people are more productive and more resilient. By implementing a broad
range of technologies, such as remote monitoring devices and digital service platforms, the
authorities have established health care facilities for the elderly as well.

As a result of its over half a million police surveillance cameras and web-based police portals,
Singapore is also regarded as one of the world's safest cities.

Smart Mobility Solutions

With the idea of providing advanced mobility solutions to all the citizens, the government
authorities have developed effective public transport systems. City transit systems are highly
efficient, affordable, accessible, and environmentally friendly. Through cost-effective and
comfortable transportation, people have been encouraged to lead relatively active lifestyles.
As Singapore's smart mobility initiatives progress, technology will play a key role. Smart and
connected traffic solutions have been developed and implemented by the city's leaders. The use
of shared and public transport is strongly encouraged by stringent policies that discourage car
ownership. The city-state has developed and implemented smart mobility solutions for its
citizens. Public transit systems and bus routes are being built to support active mobility modes
such as cycling and walking.

Administrative Services
In the world, Singapore has the third highest GDP per capita, a free market economy. With the
aim of attracting foreign investors, Singapore developed a corruption-free and tax-friendly
environment. Government agencies and their pragmatic administrative policies deserve the credit
for the country's success.
Digitalization, information technology, and information harvesting are Singapore's keys to
becoming the Smartest City in the World. The country is clearly one of the fastest-growing
economies in the world. I think it is fair to say that Singapore has been able to innovate and
devise superlative digital technology solutions because of its support of public-private
collaborations and the startup ecosystem.

Conclusion
City-states with enhanced mobility and livability are a standard for quality of life. Consequently,
Singapore's government actively makes technological advances to offer every conceivable form
of protection, infrastructure, and comfort for its citizens. A constant investment in mobility,
healthcare, citizen safety, business development, and energy. Singapore is unquestionably one of
the world's smartest countries.
b. Suggest & describe atleast 2 innovative technology enabled services that you will
introduce into Mysuru so that it can be called as a “Smart city”?

Ans 3b.

Introduction
Innovative city project is a target to make sure cities are well equipped with all the centres and a
well-suited proper law and order that can help maintain the town's security. As a result, other
cities and towns may be motivated to follow similar standards and guidelines to participate in the
clever town project.

It is essential that humans have decent, high-quality housing, as well as cost-effective physical
and social infrastructure, which include water, sanitation, energy, clean air, education,
healthcare, safety, and enjoyment. Cities that are smart can attract investments for infrastructure
development. For a town to be investor-friendly, it must have the correct infrastructure and
online business processes, which make it easy for a business to start and stay afloat.

Municipal governance and implementing organizations need to develop a plan or format to

develop skills, infrastructure, and a focus on transforming present towns into future smart towns.
 
Innovative technology to be used in Mysuru
The following technology may be used to improve Mysuru as a smart town.

Transportation and Healthcare: 

Bengaluru, our neighboring city, has a strong IT sector, so Mysuru can become a center of
synthetic intelligence technology. In any city, public transportation is an integral part. Due to its
proximity to Bengaluru, it may be useful for connecting to large cities where people can
commute easily. It would be very convenient if trains and buses were connected by one app, so
that you could see exactly when the next train is coming and how long you need to wait. In
addition, predictive analytics can also be used to optimize public transport routes that are cost-
effective and provide maximum benefit.
Healthcare is an extremely important aspect of life, especially in current times when non-
communicable diseases like heart problems and cancer are increasing. Better healthcare along
with smart mobility can save many lives.

Waste Management
In a city, waste management systems can be optimized to ensure efficient collection and disposal
of waste, helping to keep it clean and hygienic. As a result, improper waste management can
contaminate soil, air, and water as well as provide a breeding ground for a variety of viruses and
bacteria. The sensors in the waste bins, however, can be used to detect when the bins are full and
dispose of them accordingly using IoT technology. We should do this instead of just disposing of
the waste on certain days when the bin might not always be full. Other days, the bin might
overflow with contamination risks.

Conclusion:
These are only some of the applications of smart cities. Many more options can be explored to
make cities a better option for the future. In many large metropolitan areas around the world,
these applications are already in use, but there are many barriers that prevent the creation of truly
smart cities. There may be bureaucracy or a delay in integrating new technology into existing
systems. No matter what, the future will be smart!