How Secure is to Submit Online Bids on a tender published on www.eprocurement.gov.in

The security features incorporated in the application ensures that all activities are logged, no unauthorised person has access to data, all sensitive data is encrypted and system can be restore in a minimal possible time in case of a disaster or system crash. 

  • Audit Trail: The Solution has been so designed that all the activities, transactions and changes in configuration are logged and a log report is made available to the concerned people. Further, a log is also available of activities at the database level thereby ensuring that a robust audit trail is always available of all the activities either at the application level or the database level.
  • Data Encryption: The solution supports 128 bit encryption and all the price bids received against a tender are encrypted at the database level. Further, the login passwords of all the users and the suppliers are also encrypted at the database level.
  • Secure Administrator Access: To prevent an administrator from misusing his access privileges, the TMS requires two level password verification before allowing an administrator access to the admin module. The first password is provided by the administrator himself and the second password is provided by some designated senior person within the buying organization. The administrator will be authenticated on advanced technologies using biometrics.
  • Process Validation: The Solution has been so architected that a user cannot view the commercial bid of a supplier till the technical evaluation of the tender is complete and the date & time specified for the opening of the commercial bid is due.
  • SSL Certificate: The solution uses 128 bit SSL Certificate from Verisign for communication between the browser and the web server. This ensures that all the data is encrypted and cannot be hacked/misused by anyone.
  • Unauthorised Access: The entire solution is behind a firewall and intrusion detection system that protects it against unauthorised access and hackers

No comments