Telecom operators, equipment vendors, enterprise communication network users will all be made responsible for securing telecom networks under a new telecom network security policy.
The policy, being drafted by the Department of Telecom, also aims at making network robust to deal with disasters.
certification
Under this policy, all telecom network equipment will have to get a ‘safe to connect' certification before it can be used. The certification will have to be done through a testing laboratory. Periodic test of the telecom networks will be carried out to ensure that no threat has crept into the network.
The draft policy also wants corporates using global enterprise communication networks to ensure that the network within the country complies with the security requirements. “It is possible that network of these enterprises are subjected to laws of different countries, which may not be the same. Therefore, enterprises would have to adopt a little flexible approach in building their network security policies in such a way that part of the network in the geographical boundary of the country follows the security requirements mandated by this policy,” the draft stated.
The policy also suggests setting up a centralised institution to address network and cyber security issues. “For implementing the telecom security policy, an institutional mechanism with requisite organisational structures should be put in place,” it said, adding that such a government structure plays a key role during catastrophic events also.
New body
Separately, the Government is planning to set up a new body to oversee telecom and cyber security issues. Called the National Telecom Network Security Coordination Board, it will essentially coordinate between various existing agencies to avoid overlap of work. It will have representatives from the Defence and Home Ministries, intelligence agencies, IT Department, intelligence bureau, National Security Advisor and NTRO.