With increasing instances of cyber attacks, the Goods and Services Tax Network as well as GST Suvidha Providers (GSPs) are giving priority to security of their networks and safety of data stored.
“We would also like to assure taxpayers that adequate measures have been taken to protect their data,” said Prakash Kumar, Chief Executive Officer, GSTN, adding that it has used advanced security solutions to ensure that the portal is protected from cyber attacks.
The GSTN provides the IT backbone to the new indirect levy that starts from July 1 and runs the portal for registration, filing of returns and payment of taxes. It expects about 300 crore invoices to be uploaded every month.
Giving details of the security features, Kumar said that GSTN is running a dedicated Security Operations Centre for monitoring events.
“The IT systems, applications, devices and databases are monitored 24x7x365 along with a NoC as per Information and Cyber Security Framework, Policies and Procedures in alignment with ISO 27001/22301/20001 and guidelines of the Government of India,” he told BusinessLine .
As part of their monthly GST returns, companies will have to upload their invoices under GSTR 1 and many are worried about data breaches that can provide crucial business information to their competitors.
“Security of their data is one of the key parameters that businesses judge us on. A constant concern is that data on their pricing and sourcing is not leaked to competitors when they file returns,” noted an executive from a GSP, adding that this is also one of the key requirements of the GSTN.
GSPs are expected to have their data centres in India. Further, all third party applications will connect with GST system via secure GST System.
Most GSPs and other application service providers (ASPs) have promised data encryption to customers as part of the package for return filing and invoicing.
“For instance, we are providing triple encryption and e-lockers to our customers,” said Rshmi Khetrapal, founder and CEO CountMagic.
ClearTax, which is foraying into GST return filing, said there are three important layers to the safety of GST data.
“These include safety of data transferred between the user’s accounting software and ERP and ASP, then between the ASP and the GSP and lastly, between the GSP and the GSTN,” said Archit Gupta, Founder and CEO ClearTax, adding that the company is using 128-bit SSL encryption and bank-grade security keeps data safe.
At an earlier event, Kumar had also promised that there would be no data breaches from within GSTN either.
“No single operator in the GSTN will be able to access the data alone. The full data will be accessed only by the taxpayer and the concerned tax officer,” he had said, adding that the information would be stored in encrypted form in four locations.