A new notification has declared these systems to be “protected systems” under the Information Technology Act, 2000 and access to them is restricted.
The Ministry of Electronics and Information Technology (MeitY) has declared computer resources related to the Core Banking Solution and UPI Switch of Paytm Payments Bank Ltd to be “protected systems” under the Information Technology Act, 2000. This essentially means that these systems are considered to be critical to the functioning of the bank and that access to them is restricted.
Read More: Want To Invest In 3-5 Years FD? 10 Banks Offering The Highest Interest Rates
The authorized personnel who are permitted to access these protected systems are:
Designated employees of Paytm Payments Bank Ltd who have been specifically authorised in writing by the bank to access the protected systems.
Team members from contractual managed service providers or third-party vendors, who have received written authorisation from Paytm Payments Bank Ltd for access based on specific needs.
Consultants, regulators, government officials, auditors and stakeholders who have been individually authorised in writing by Paytm Payments Bank Ltd on a case-by-case basis.
The “protected systems” include not only the core infrastructure, but also the computer resources of its associated dependencies.
Read More: Sebi Asks Mutual Funds To Stop Misleading Ads, Brochures, Presentations; Details Here
By limiting access to only those personnel with explicit authorisation, the government aims to strengthen the security and integrity of critical financial systems, thereby mitigating the risk of potential cyber threats and attacks. This is important because these systems store sensitive customer data and any unauthorised access to them could have serious consequences.
Paytm Payments Bank Ltd and its associated stakeholders are expected to comply with the government’s directives to ensure the protection of their computer resources. The government has issued similar notifications declaring critical computer resources of Indian Bank, YES Bank, IDBI Bank and Central Bank of India as “protected systems” under the IT Act.
The notification means financial institutions may now need to implement additional security measures to safeguard their protected systems. They may need to keep a record of who has access to the protected systems and what they are authorised to do. They may also need to report any unauthorised access to the protected systems to the respective authorities.
