![\"\"](\"\/\/www.iser-br.com\/Themes\/Release\/images\/responsive\/ettelecom-default.jpg\")
\"There is no opportunity for somebody to say we will not follow the rules and laws of India. If you don't have the logs, start maintaining the logs. If you are a VPN that wants to hide and be anonymous about those who use its VPN and you don't want to go by these rules, if you want to pull out, then frankly you have no other opportunity but to pull out,\" he said.
The ministry of electronics and IT has mandated cloud service providers, VPN (Virtual Private Network) firms, data centre companies and virtual private server providers to store users' data for at least five years.
Some of the VPN companies have claimed that the new rule may lead to cyber security loopholes in the system -- an argument which was rejected by the minister.
Chandrasekhar said that the government is also not going to make any change in the rules on mandating entities to report cyber breach in their system within six hours of learning about it.
\"The criminality and the cyber incidence, nature, type, shape, form of it are very complex. They have very sinister elements behind it. There are many state actors that are using vulnerability. Those who commit these breaches can move on very quickly. Immediate reporting is fundamental to investigating, forensic analysis, situational awareness of the nature of the incident,\" he said.
US-based technology industry body ITI, having global tech firms such as Google, Facebook, IBM and Cisco as its members, has sought a revision in the Indian government's directive on reporting of cyber security breach incidents.
ITI said that the provisions under the new mandate may adversely impact organisations and undermine cyber security in the country.
The industry body has asked for a wider stakeholder consultation with the industry before finalising on the directive.
Indian Computer Emergency Response Team (CERT-In) on April 28, issued a directive asking all government and private agencies, including internet service providers, social media platforms and data centres, to mandatorily report cyber security breach incidents to it within six hours of noticing them.
The new circular issued by the CERT-In mandates all service providers, intermediaries, data centres, corporates and government organisations to mandatorily enable logs of all their ICT (Information and Communication Technology) systems and maintain them securely for a rolling period of 180 days, and the same shall be maintained within the Indian jurisdiction.
ITI has raised concerns over the mandatory reporting of breach incidents within six hours of noticing, to enable logs of all ICT systems and maintain them within Indian jurisdiction for 180 days, the overbroad definition of reportable incidents and the requirement that companies connect to the servers of Indian government entities.<\/body>","next_sibling":[{"msid":91646025,"title":"Non-mobile business growth boosts Airtel's Q4","entity_type":"ARTICLE","link":"\/news\/non-mobile-business-growth-boosts-airtels-q4\/91646025","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[],"msid":91647161,"entity_type":"ARTICLE","title":"Comply with rules or exit from India, govt tells VPN service providers","synopsis":"The ministry of electronics and IT has mandated cloud service providers, VPN (Virtual Private Network) firms, data centre companies and virtual private server providers to store users' data for at least five years.","titleseo":"telecomnews\/comply-with-rules-or-exit-from-india-govt-tells-vpn-service-providers","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":183,"shares":0,"engagementtimems":798000},"Alttitle":{"minfo":""},"artag":"PTI","artdate":"2022-05-18 21:08:41","lastupd":"2022-05-18 21:10:21","breadcrumbTags":["VPN services","rajeev chandrasekhar","VPN networks","Virtual private network","telecom news","Policy","VPN services FAQs"],"secinfo":{"seolocation":"telecomnews\/comply-with-rules-or-exit-from-india-govt-tells-vpn-service-providers"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2022-05-18" data-index="article_1">
- Telecom乐动扑克News
- 3分钟阅读
遵守规则或退出印度政府告诉VPN服务提供商
电子和授权的云服务提供商,VPN(虚拟专用网络)公司,数据中心公司和虚拟专用服务器提供商来存储用户的数据至少五年。
读到
“没有机会,有人说我们不遵守规则和法律的印度。如果你没有日志,开始维护日志。如果你是一个VPN想隐藏,对那些使用它的VPN是匿名的,你不想去通过这些规则,如果你想退出,然后坦白说你没有其他机会,但退出,”他说。
电子和授权的云服务提供商,VPN(虚拟专用网络)公司,数据中心公司和虚拟专用服务器提供商来存储用户的数据至少五年。
一些VPN公司称,新规定可能导致网络安全漏洞的系统——一个论点被部长。
钱德拉塞卡表示,政府也不会做出任何改变规则强制实体报告网络违反他们的系统在6小时的学习。
“犯罪和网络发生率、性质、类型、形状,它是非常复杂的。他们有很邪恶的元素。有很多国家的演员,正在使用的弱点。那些提交这些漏洞可以很快。立即报告是调查的基础,法医分析、态势感知事件的性质,”他说。
美国科技行业的身体来,全球科技公司如Google, Facebook, IBM和思科作为其成员,寻求在印度政府指令修订报告网络安全漏洞事件。
来表示,根据新规定授权可能造成负面影响组织和破坏网络安全。
行业组织已经要求更广泛的利益相关者与业界磋商之前敲定的指令。
印度计算机紧急响应小组(、)4月28日发布了一项指令,要求所有政府和私人机构,包括互联网服务提供商,社交媒体平台和数据中心,网络安全漏洞事件强制报告在6个小时的注意。
新发行的圆形、授权服务提供商,中介机构,数据中心,企业和政府机构强制要求启用日志的ICT(信息通信技术)系统和维护安全滚动一段180天,同样应保持在印度管辖范围内。
来引发了担忧的强制性报告违反事件关注的六个小时内,启用日志的ICT系统和维护它们在印度管辖范围内为180天,过于宽泛的定义可报告的事件,并要求公司的印度政府实体连接到服务器。
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动