An On-Screen Marking (OSM) portal used for evaluating student answer sheets was deployed without adequate security and functionality tests, according to an expert from a high-level Indian Institute of Technology (IIT) panel. The portal, managed by IT firm Coempt Eduteck, missed obvious vulnerabilities. The IIT panel, comprised of experts from IIT Madras and IIT Kanpur, is investigating the issues with the Central Board of Secondary Education (CBSE).
The panel is preparing to submit its findings to the Education Ministry. Their report will address the deficiencies found in the OSM portal. The investigation aims to identify what went wrong during the platform's implementation.
Security Lapses Identified
Nisarga Adhikary, a 19-year-old ethical hacker, previously identified similar problems in the system. Adhikary briefly downloaded some student data but claims to have deleted it afterward. The IIT panel found no evidence of malicious use or permanent data leakage by Adhikary.
The panel developed a temporary, secure portal for answer sheet evaluation. Experts described this as a temporary solution. They stressed the need for a completely new and robust system for national examinations.
Panel Recommendations for CBSE
The upcoming IIT panel report will recommend mandatory security protocols. These protocols will apply to all public digital platforms. Websites used for examinations require continuous vulnerability checks. These checks must occur before the platforms launch.
The report will emphasize that the CBSE must maintain direct control over student data. The panel insists that no other company should handle student records without rigorous security vetting. Ensuring the safety and security of student information is paramount. This control will limit access to authorized personnel only.
