Our Security Policy defines measures to protect the confidentiality, integrity, and availability (CIA) of bbmb.gov.in's information and services, adhering to GIGW, STQC, and CERT-In guidelines.

Objectives:

• Protect web resources from unauthorized use, access, changes, destruction, or disruption.
• Maintain CIA of all information and services
• Mitigate security threats and reduce legal liabilities.
• Ensure continuous compliance with national and international security standards.

Security Measures:

• HTTPS Protocol: All communication encrypted using SSL/TLS.
• Regular Patching: CMS and plugins updated monthly or immediately upon detection of critical vulnerabilities.
• Firewall & IDS: Implementation of Web Application Firewall (WAF) and Intrusion Detection Systems.
• Data Integrity: Audit trails and activity logs maintained for all backend changes.
• Access Controls: Role-based access management for all administrative functions.
• Security Testing: Periodic VAPT (Vulnerability Assessment & Penetration Testing) by CERT-IN empanelled agencies.
• Compliance: Aligned with the guidelines issued by the Ministry of Electronics and Information Technology (MeitY) and National Informatics Centre (NIC).