CERT-In gives more time for VPNs to comply with new cyber security norms


PTI, Jun 28, 2022, 3:57 PM IST

Credit: iStock Photo

CERT-In has granted three more months for VPN providers to implement mechanisms related to validation aspects of customer details under the new cyber security directives amid concerns raised by industry players over the proposed norms.

Besides, the timeline for MSMEs has been extended till September 25 for enforcement of the new cyber security directions. The move would bring relief to the companies as it gives them additional time to comply with the new directions, which had evoked sharp reactions from a section of the industry, some VPN providers and privacy advocates.

In the aftermath of the announcement of the new directives in April, there have been reports that some VPN services have shut down their Indian servers. These directives issued on April 28 were to initially come into force after 60 days from the date of issuance.

”CERT-In extends timelines for enforcement of Cyber Security Directions till 25 September 2022 for MSMEs and for the validation aspects of subscribers/customers details,” an official release said on Tuesday.

The extension has been granted after the industry requested more time for the implementation of the directions.

The Indian Computer Emergency Response Team or CERT-In is the national agency for performing various functions in the area of cyber security in the country as per provisions of the IT Act.

The relief will enable MSMEs (Micro, Small and Medium Enterprises) to build the capacity required to adhere to the cyber security directions of April 28.

Data centres, cloud service providers and VPN service providers also have been granted more time for implementation of mechanisms relating to validation aspects of subscribers/customers’ details, the release said.

Ministry of Electronics and IT had mandated cloud service providers, VPN (Virtual Private Network) firms, data centre companies and virtual private server providers to store users’ data for at least five years.

The circular, issued by CERT-In, mandates all service providers, intermediaries, data centres, corporates and government organisations to mandatorily enable logs of all their ICT (Information and Communication Technology) systems and maintain them securely for a rolling period of 180 days, and requires the same to be maintained within the Indian jurisdiction.

Following the directive by CERT-In in April, there were reports that Express VPN has removed its servers from India, becoming the first major VPN player to do so after the cybersecurity rules were introduced.

According to the release, the IT Ministry and CERT-In had received requests for the extension of timelines for implementation of the cyber security directions in respect of MSMEs.

Further, more time was sought for the implementation of a mechanism for validation of subscribers/customers by data centres, Virtual Private Server (VPS) providers, cloud service providers and VPN Service providers.

”The matter has been considered by CERT-In and it has been decided to provide an extension till 25 September 2022 to MSMEs in order to enable them to build the capacity required for the implementation of the Cyber Security Directions,” the release said.

At the same time, data centres, VPS providers, cloud service providers and VPN companies too have been given additional time (till September 25) for the implementation of mechanisms relating to the validation aspects of the subscribers/customers’ details, it added.

Udayavani is now on Telegram. Click here to join our channel and stay updated with the latest news.

Top News

Nelamangala accident: Police expedite probe, CCTV images being scrutinised

Minister Parameshwara directs police to ensure tight security in Bengaluru on New Year’s eve

Teachings of Lord Christ celebrate love, harmony: PM Modi at Christmas celebrations

Veteran filmmaker Shyam Benegal passes away

Passenger gets back misplaced bag containing valuables worth Rs 20 lakh at Mangaluru airport

Karnataka govt approves 9 industrial projects worth Rs 9,823 Cr

Shami not fully fit yet, ruled out of remaining two Tests in Australia

Related Articles More

Teachings of Lord Christ celebrate love, harmony: PM Modi at Christmas celebrations

Police ‘killed’ Dalit man, alleges Rahul in Parbhani; CM Fadnavis says visit politically motivated

Gurugram: 21 cybercriminals arrested for duping Rs 125 cr in fraud cases across country

Delhi HC denies anticipatory bail to Puja Khedkar in UPSC cheating case

Newly recruited Meitei, Kuki personnel in Manipur police to be posted together: CM Biren Singh

MUST WATCH

Tulunadu Daivaradane

Feeding Birds with Creative Paddy Art!

Areca Nut

HOTEL SRI DURGA BHAVANA

Harish Poonja


Latest Additions

Kalaburagi: Woman sustains burns after live electric wire falls on her

Nelamangala accident: Police expedite probe, CCTV images being scrutinised

Rohan Estate Mukka – Resort-style luxury layout launched

Minister Parameshwara directs police to ensure tight security in Bengaluru on New Year’s eve

Teachings of Lord Christ celebrate love, harmony: PM Modi at Christmas celebrations

Thanks for visiting Udayavani

You seem to have an Ad Blocker on.
To continue reading, please turn it off or whitelist Udayavani.