Government employees banned from using VPNs in India
Date:
Mon, 20 Jun 2022 13:21:11 +0000
Description:
Authorities react to VPN providers' exodus from the country enlarging its
hold over security software's usage.
FULL STORY ======================================================================
In the latest chapter of India's ongoing battle against online privacy software, government employees are now barred from using third-party VPN services.
The new directive came following the decision of some of the best VPNs to
shut down their Indian servers amid privacy concerns over new data law . So far, ExpressVPN , Surfshark and NordVPN have all announced they will physically leave the country before CERT-in directives come into force on
June 27.
The Indian government is also urging employees to avoid storing any internal or confidential information on non-government cloud services such as Google Drive and Dropbox. The use of external mobile app-based scanner like CamScanner - which was actually banned in 2020 - is strongly discouraged,
too.
By following uniform cyber security guidelines in government offices across the country, the security posture of the government can be improved, wrote
the National Informatics Centre (NIC) in an internal document reviewed by The Economic Times .
All government employees, including temporary, contractual/outsourced resources are required to strictly adhere to the guidelines mentioned in this document. Any non-compliance may be acted upon by the respective CISOs/Department heads, the new directive adds. ExpressVPN removes VPN
servers in India. Users will still be able to connect to VPN server locations that will give them Indian IP addresses. Read more:
https://t.co/JpCWXW1Dcb June 2, 2022 See more Why are VPNs leaving India?
Cybersecurity experts and privacy advocates have been raising many concerns over new India's data law since it was announced on April 28 .
Expected to come into force on June 27, Indian Computer Emergency Response Team (CERT-In) will force VPN and VPS providers, data centers, cloud storage services, and cryptocurrency exchanges to keep in store sensitive users' data for up to five years and share these with authorities upon request.
Even though the new law comes as an attempt to curb an increasing cybercrime rate - India was thethird most affected nation for data breaches worldwide in 2021 - VPN providers believe that these regulations go against the actual security software infrastructure.
Short for virtual private network, a VPN is a piece of software meant to protect people's online privacy and anonymity. How? By masking their real IP address and securing all the data in transit inside an encrypted tunnel .
That's why ExpressVPN wrote in a blog post that CERT-In new directives are "incompatible with the purpose of VPNs." (Image credit: Shutterstock)
Moreover, a strict no-log policy is a standard feature among the most private VPN services. This guarantees that none of users' sensitive data can be stored, leaked or shared.
As Hide.me explained when announcing its decision to pull the plug on its Indian servers ,India's new data retention law "makes operating a zero-log
VPN impossible".
Despite the backlash, Indian authorities seem to remain firm to their
decision to carry on and implement the new directives at the end of the
month. On this point, Minister of State for Electronics and Information Technology Rajeev Chandrasekhar stated that providers that do not wish to comply with the rules are free to leave India .
At the same time, Head of PR at Nord Security Laura Tyrell told us: "One way or another, it will have a negative impact on peoples privacy and digital security." Discover how VPNs in India are going virtual to protect the
privacy of users
======================================================================
Link to news story:
https://www.techradar.com/news/government-employees-banned-from-using-vpns-in- india/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)