Telcos to be asked to submit security report

The ministry of home affairs has asked the department of telecommunications to obtain compliance report from various telecom service providers on whether they have implemented the telecom licence amendments which put the onus of network security on the telecom service providers.

The ministry of home affairs (MHA) has asked the department of telecommunications (DoT) to obtain compliance report from various telecom service providers on whether they have implemented the telecom licence amendments which put the onus of network security on the telecom service providers.

Until now the network suppliers such as ZTE, Huawei and Ericsson are required to submit an undertaking claiming that their supplies are free from any embedded spyware or malware.

Ending the almost two-year tussle over how to make the imported telecom equipment across the country safe, DoT had fixed the responsibility to do so on the telecom service providers via the UASL amendment issued on May 31 this year. Under the new UASL conditions, the service providers were obliged to put an organisational policy on security and security management in place which was to be submitted to the government within 30 working days from the date of the amendment.

The licensees are now mandated to audit their network or get the network audited from the security point of view once a year from a network audit and certification agency while inducting only those elements into the telecom network which have been tested according to the relevant contemporary Indian security standards.

They are also obliged to create facilities for monitoring all intrusions, attacks and frauds and report the same to the licensor; such facilities are to be created within 12 months of the issue of the amendment.

The licensees are also required to employ only resident, trained Indian nationals as the chief technical officer, chief information security officer, chief security officer, nodal executives for handling interception and monitoring cases and as in charge of central database and system administrators. Meanwhile the vendor must allow the telecom service provider, licensor and its designated agencies to inspect the hardware, software, design, development, manufacturing facility and supply chain and subject all software to a security check any time during the supplies of equipment.

Simultaneously licensees will have to keep a record of all the software up-gradation and changes. The major up-gradation and changes will have to be informed to the licensor within 15 days of completion of such changes.

In a written communication to the DoT, the MHA has asked the former to apprise it on the matter. ?The DoT had agreed to the view that long term security lies in an increased production of critical components in India.

To this end, DoT had agreed to formulate and put non-security measures such as incentives regimes in place. It had also been agreed that DoT will ensure the creation of adequate national test bed capabilities within the next two years,? home secretary RK Singh has written to the DoT secretary R Chandrasekhar.

Get Live Share Market updates, Stock Market Quotes, and the latest India News and business news on Financial Express. Download the Financial Express App for the latest finance news. .

This article was first uploaded on September sixteen, twenty eleven, at nineteen minutes past two in the night.