Plans and Terms and Condition

1.   Contingency Plan

1.1      Contingency Plan in the event of defacement

• Defacement Protection Policy
  • Bank’s Corporate Website is security audited for application vulnerabilities and performance.
  • Any application-level modification on the UCO Bank Website implies re-audit of the website.
  • All the servers’ configuration and logs are monitored
  • Only system administrator users are allowed to access the servers for doing administration and configuration tasks.
  • All servers are in lock and net
  • Contents are updated through secured FTP using
• Monitoring of defacement of UCO Bank Website

There are two ways of monitoring the defacement of UCO Bank Website.

1. Cyber security division of M/s Planet e com Solutions is continuously monitoring by analyzing the log files at regular intervals for possible defacement or undesirable change in UCO Bank Website.

2. The Development team of M/s Planet e com Solutions also monitors the website regularly. In case of any eventuality, whoever notices it first shall inform the Technical Manager and Web Information Manager on Phone as well as through email.

• Actions to be taken after defacement

If defacement is detected, the following steps should be promptly executed:

1. Immediate Isolation

• Temporarily take the affected web page or site offline to prevent further damage and protect users from malicious content.
• Block external access if required, using firewall rules or CDN configurations.

2. Notification and Escalation

• Alert the incident response team and IT security personnel.
• Notify management and stakeholders as per the incident response policy.

3. Forensic Analysis

• Review logs from web servers, WAF, and access controls to identify the entry point and nature of the breach.
• Preserve evidence for investigation and possible legal or compliance reporting.

4. Remove Malicious Content if any

• Remove or restore defaced content using backups.
• Revert website files to a known-good state from secure backups.

5. Patch and Secure

• Identify and patch the vulnerability -on regular intervals audit report shared by bank are also complied and yearly CERT Security audit is conducted.
• Change all admin and service passwords.
• Re-validate file and directory permissions.

6. Communication

• Inform users (if necessary), particularly if data exposure or phishing was involved.
• Provide an incident report to management and compliance teams.

7. Resume Operations

• After thorough validation and testing, restore the website to production.
• Closely monitor traffic and content in the hours/days following recovery.

8. Post-Incident Review

• Document the incident, root cause, timeline of events, and corrective actions taken.
• Update monitoring policies, patch schedules, and access control measures based on Findings
  • Time for Restoration of the Bank’s Corporate Website after defacement

The time taken for restoration of the Bank’s Corporate Website depends on the degree of defacement and services affected by the defacement.

1.2   Data Corruption

Regular back-ups of the website data are being taken at Data Centre. These enable a fast recovery and uninterrupted availability of the information to the citizens in view of any data corruption. Regular back-ups of the website data are being taken at Data Centre. These enable a fast recovery and uninterrupted availability of the information to the citizens in view of any data corruption.

1.3   Hardware/Software Crash

Though such an occurrence is a rarity, still in case the server on which the website is being hosted crashes due to some unforeseen reason, the web hosting service provider Data Centre has enough redundant infrastructure available to restore the website at the earliest'. Generally, Time required for starting a website from another server will take about 24 hours.

1.4   Natural Disasters:

There could be circumstances whereby due to some natural calamity (due to reasons beyond the control of any person), the entire data center where Bank’s Corporate Website is being hosted gets destroyed or ceases to exist. In such an eventuality, service provider will start the Website from the DR site after due approval.

Natural Disasters (DR): Storage Based Replication Takes Place at DR site.

2. Website Monitoring Plan

2.1     Frequency of monitoring

UCO Bank Website undergoes 24x7 regular monitoring through manual methods as well as through web analyzer tools.

2.2     Monitored Parameters

Though reports can be obtained on virtually every aspect of the UCO Bank website, for regular analysis, the quality manger is responsible for analyzing and generating the following reports;

• Visitor’s dashboard: This report presents an overview of the Visitors Pattern to the Portal.
• Usage Pattern: Geographic location of visitors i.e., from which cities and countries, visitors are visiting the website
• Hits by hour of the day: This report shows the most and the least active hour of the day for the report period. If there are several days in the report period, the value presented is the sum of all hits during that period of time for all days.
• Referring sites: This report identifies the domain names and IP addresses that refer visitors to the portal.
• Search Phrases: This report identifies Phrases that led the most visitors to the site and for each phrase, which search engine led visitors to the site.
• Top Pages: List of the most popular web pages on the portal and the number of visits for each.
• Browsers: Browsers used for accessing the Website by visitors.
• Platforms: Operating systems mostly used by visitors to access the UCO Bank website. The UCO Bank website is also monitored for quality issues like spelling errors and broken Spelling checks are done on a weekly basis and broken links are monitored daily.

• Utility of Monitored Parameters

 

• Visitor’s pattern and usage pattern reports present the demography of the users and will be helpful in providing feedback for the personalization features that will be added in the new website.
• Search phrases report is used to know what keywords are being used to search for the website. The Pages are then optimized for these keywords.
• Top Pages are the most viewed pages and entry pages are the pages of the website other than the homepage from where the User enters the homepage. Based on the search phrases report, these pages are first optimized for search engines.
• Browser and platform reports are used to optimize the website for the most commonly used browsers.
• Hits by hour of the day report is used to know the time of the day when there are maximum hits on the server. It is ensured that the servers must work optimally at these times.
• Referring sites report is used for link exchange with the sites that are sending the maximum visitors to the website.
• Spelling errors are rectified as soon as they are
• Broken links reports are scanned and corrections made at the

3. Terms and Conditions

UCO Bank has rights to correct and update the contents of this website at any time at its sole discretion. UCO Bank is maintaining this website for general information to its customers and general public. The available materials may be downloaded by the users for non-commercial personal use only.

The contents available on this website, in whole or part, shall not be printed, distributed, transmitted, modified, displayed or otherwise reproduced without the prior written permission of UCO Bank.

While due caution is taken to ensure the correctness of content on the website, however, in case of any difference, the information as released by UCO Bank in printed form will be deemed as the correct information