The Maharashtra government is planning to store citizen data on the public cloud platform. According to reports, the state government is working with software giant Microsoft on the proposed project. The data stored on Microsoft Azure will be linked to a UID number which will provide users a sharable space and easy access on a public cloud. Though the government aims to improve efficiency in government working, experts are quite apprehensive about the security of data stored on third party Cloud servers.
The new development has come after CM Devendra Fadanvis announced last month that Microsoft would be setting up South Asia's largest data centers in Mumbai and Pune. The CM indicated that these data centers would be used to kick start a digital-locker project.
In a major step in Digital India initiative, Maharashtra government has introduced a pilot project "Maha Digital Locker" an online repository for important documents where citizens can upload their important certificates and documents like those related to birth, passport and education. This e-Locker has been linked with UID Number or Aadhar number.
"This system will be linked with UID (Unique Identification Number, or Aadhaar); all information would be seeded with the digital identity and will help get public services. A digital ID will be created and a person will be able to use it everywhere. The digital information would be secure in digital lockers", Devendra Fadanvis was quoted as saying.
According to reports, the Digital Locker is expected to go live by the end of 2015.
The DQ Week tried to contact the principal secretary of Directorate of Information Technology (DIT) department for information on the proposed project by the state government. However, his comment was unavailable till filing the story. When contacted, a Microsoft representative said that since the discussion was in the process, Microsoft would not like to comment on the topic at moment.
Suresh Ramani, CEO of Mumbai based Techgyan and Technology Consultant to Companies with expertise in Microsoft Technologies said that Microsoft has very strong privacy policies and the company is extra careful with data security.
"Microsoft works with governments worldwide and provides exclusive Azure platforms to governments. It takes special efforts to safeguard sensitive information of government. Therefore, it would be wrong to have ambiguity on Microsoft's security policies."
In the query that the cloud is owned and operated by a third party (in this case Microsoft), it will be accessible to the vendor, Ramani said, "As part of its corporate policy, Microsoft does not access the data. It does not mix up government data with other data. Therefore, the user gets full security of his sensitive information."
The government uses its own servers on National Informatics Center (NIC) network to store sensitive government information. However, this is probably the first time that the Maharashtra government is planning to implement third party Cloud servers for data storage. Therefore, it would be interesting to see how the government addresses a security aspect of putting private data on a public cloud.