HIMUDA

HP Housing & Urban Development Authority

Government of Himachal Pradesh undertaking

Security & Governance Policies

HIMUDA is committed to transparency and the security of citizen data. Below are our key policies for passwords, data retention, backups, network security, encryption, and activity logging. For how we collect, use, and protect your personal data, see our Privacy Policy.

Password Policy

HIMUDA enforces a strong password policy for all user accounts to protect citizen data and system access.

  • Minimum 8–12 characters with complexity requirements: at least one uppercase letter, one lowercase letter, one number, and one special character (@$!%*?&).
  • Password expiry every 60–90 days; users are prompted to set a new password before expiry.
  • Account lockout after multiple failed login attempts; lockout duration and threshold are configured as per security guidelines.
  • Two-factor authentication (2FA): Citizen login requires a one-time code (OTP) sent to the registered email after password entry; sign-in completes only after the code is verified. This protects accounts even if a password is compromised.
  • Passkeys (WebAuthn) are supported for passwordless sign-in using device biometrics, PIN, or security keys.
  • Automated reminder notifications for password updates before expiry.

Retention & Archival Policy

Data is retained and archived in line with contractual and regulatory requirements.

  • Defined retention timelines as per applicable government and sector regulations.
  • Automated archival rules to move inactive data from production to secure archival storage.
  • Periodic review of archival policies to align with changing regulations.

Data Backup Policy

Backups ensure business continuity and recovery from failures or incidents.

  • Daily incremental and weekly full backups of critical data and configuration.
  • Encrypted cloud storage (or equivalent secure storage) for backup data.
  • Backup logs maintained with timestamps and verification status.
  • Periodic restoration testing to validate backup integrity and recovery procedures.

Firewall & Network Security Policy

Network and application security are maintained through layered controls.

  • Enterprise-grade Cloud Firewall and Web Application Firewall (WAF) deployed for production.
  • IP whitelisting and network segmentation where applicable for administrative and sensitive access.
  • DDoS protection enabled to mitigate denial-of-service risks.
  • OWASP Top 10 protection rules configured at WAF/application layer.
  • Network architecture diagram maintained and reviewed for security and compliance.

Data Encryption Standards

Data is protected at rest and in transit using industry-standard encryption.

  • Encryption in transit: TLS/HTTPS for all web and API traffic.
  • Application-layer encryption: For authenticated users, sensitive request payloads (e.g. profile updates, applications, payments, grievances) are encrypted by the client (AES-256-GCM) before transmission and decrypted only on the backend. Session-bound encryption keys are issued at login and cleared on logout.
  • Encryption at rest: Sensitive data and backups stored using strong encryption (AES-256 or equivalent where applicable).
  • Passwords and secrets: Stored using strong one-way hashing (bcrypt) and never stored in plain text.
  • JWT and session tokens: Signed and validated; secrets kept secure and rotated as per policy.

System & User Activity Logs

Activity is logged for security monitoring, audit, and compliance.

  • Authentication events: Login (including 2FA/OTP verification), logout, failed attempts, password changes, and lockouts are logged.
  • User and admin actions: Critical operations (e.g. role changes, approvals, data updates) are recorded with user, timestamp, and context.
  • System and API activity: Request logging and error tracking for troubleshooting and security analysis.
  • Retention of logs: Logs are retained as per the Retention & Archival Policy and are accessible only to authorised personnel.

For queries related to these policies, please contact us.

Last updated: February 2026 • HIMUDA – Housing and Urban Development Authority, Himachal Pradesh