Government orders employees not to use VPNs, Google Drive, Dropbox; check out the details here- Technology News, Firstpost
FP trendJune 18, 2022 16:25:16 IST
The national government has banned employees from using virtual private networks (VPN) and non-governmental third-party platforms such as Google Drive and Dropbox. The move comes just weeks after the Center announced a policy requiring VPN service providers and data center companies to store user data for up to five years.
According to a report by the Economic Times, the directive asked employees “not to store internal, restricted or confidential government data files on a non-governmental cloud service such as Google Drive or Dropbox.” The order passed by the National Informatics Center (NIC) has been approved by the Ministry of Electronics and Information Technology (MeitY) for improving the government’s “security posture”.
The directive also asked employees not to use third-party anonymization services and VPNs such as NordVPN, Tor, ExpressVPN and proxies. It has also ordered them to refrain from using “unauthorized remote administration tools” such as AnyDesk, TeamViewer and Ammyy Admin, among others.
Government employees have also been asked not to ‘jailbreak’ or root their mobile phones and not to use third-party mobile app-based scanner services such as CamScanner to scan ‘internal government documents’. CamScanner had also fallen under the government’s radar in 2020, when it banned the app as part of its move to restrict China-based mobile applications. However, some employees still used the app, as a notification in Gadegets360.
The directive has also asked employees to use complex passwords, update their passwords once every 45 days, and keep their operating system and BIOS firmware installed with the latest updates.
This directive comes weeks after the national cybersecurity agency CERT-In asked VPN service providers, virtual private server (VPS) providers, data centers and cloud service providers to keep a log of user data, including addresses, names and the purpose of whose VPN. service has been used. The rules will take effect from June 28 this year.
As a result of the order, VPN service companies such as Surfshark, ExpressVPN and NordVPN had decided to remove their physical servers from India, as they follow no logging policies and are technically unable to store logs.