Page 127 - GIGW2
P. 127
Guidelines
for Indian Government Apps & Websites
equipped with firewalls and other security features.
b. Hosting service provider MUST provide 24X7 accesses to APIs and
backend databases.
c. Appropriate disaster recovery site should be configured at different
geographical location to avoid disruption of service in case of natural or
manmade disasters.
d. API hosting service provider should also provide technical support and
help to the owner of the application.
e. Adequate security measures must be built in the API to detect and
discourage unauthorized use of the APIs.
11.6.2 Mobile App hosting
Apps are invariably hosted on the play stores of the target platform which have
their own policies and guidelines. Play stores are public platforms and any user
is allowed to upload app after paying a nominal fees to become a registered user.
However for better visibility and access ensure that the app is uploaded through
the official account of the API hosting service provider. Ensure compliance to
target platforms policies.
11.7
Contingency Management & Disaster Recovery
11.7.1 APIs
Contingency management plan should be similar to the one adopted for other
websites and portals hosted in the data Center.
11.7.2 Mobile Apps
Mobile applications are hosted on Play stores of the respective vendors having
their own Contingency Management Plan & Disaster Recovery Process.
11.8
Mobile Application Policies
11.8.1 Privacy Policy for Mobile Application
Privacy policy should be a carefully written document clearly stating purpose of
collecting the information if any through the app. It should also clearly state the
©2017,NIC 113
