This database system is connected over secured, dedicated and reliable networks of Pakistan Telecommunication Company Limited (PTCL) and Virtual Private Network (VPN), using various security firewalls monitored by security experts in Data Center of IMPASS round the clock.

Listing the steps taken by the Ministry to save and secure the data of CNICs and Passports since June, 2013, official sources on Friday the Department of Immigration and Passports is using the System centrally for passport data collection since inception of Machine Readable Passport System in the country.

With regard to physical/site security, the sources said National Data Warehouse hosts tire-3 data-center in a restricted area with access secured by armed guards while access to the facility is subjected to formal search through metal detectors.

The sources said all data storage devices like USB, CD, DVD, etc. are strictly prohibited, boundaries of the facility have been hardened with iron sheets and glass tapes, access to main data center is secured through two-factor authentication including bio-metric verification of individual. The facility is monitored round the clock under CCTV cameras.

The sources said the facility has been equipped with smoke detectors and automatic fire extinguisher system.

Regarding system/data security, the sources said National Data warehouse has procured new database Oracle Exudate Engineered Systems along with latest security enhancement tools like database firewall, database key vault, database level encryption and encryption on network transit.

National Data warehouse has been managing a near real-time synchronized Disaster Recovery (DR) site, alongwith Islamabad site for sake of business continuity.

The data center has been designed in such a way that remote access to Information Technology (IT) infrastructure is not possible. All operations/monitoring are run by technical staff on-site at all times while critical IT equipment is required to pass the "Scanning Activity" prior to be commissioned in main data-center. This extensive scanning includes scanning of hardware and software components.

The sources said best practices like "separation of duties" and "on-demand restrictive access" have been followed to mitigate risk of intentional data loss/theft.

All human resources employed in National Data Warehouse are required to pass formal security clearance.

With regard to network security, the sources said the data center of National Data Warehouse is not connected to the Internet, hence is not vulnerable to any type of cyber-attack or data theft activity.

All web-based applications (like Verisys, Election Commission of Pakistan Portal etc) hosted in National Data Warehouse are deployed using HTTPS protocol to avoid any data interception curing network access.

Data replication between Primary and DR site is secured through encryption while multi-layered security controls including firewalls are in place for filtering out any illegitimate traffic before reaching the information systems of National Data Warehouse.

The sources said there is comprehensive and well versed backup/restore policy of data in place for keeping and refreshing backups on three (03) different physical locations, the IT infrastructure is secured through centrally managed active anti-virus server and all critical security patches for operating systems are managed centrally.