According to a recent government directive, employees are forbidden from utilising Google Drive and Dropbox as well as third-party VPN services. Users are also urged to quit downloading illegal software.
- Users may essentially avoid restricted websites with VPN services.
- DigiLocker online storage is probably what the government wants its consumers to use.
- VPN providers like NordVPN have disconnected their Indian servers.
Government employees should stay away from third-party VPN services like NordVPN and ExpressVPN as well as cloud storage providers like Google Drive and Dropbox, according to a recent warning from the central government. The National Informatics Centre (NIC), a division of the Ministry of Electronics and Information Technology, published a document titled "Cyber Security Guidelines for Government Employees" in which it warns that failure to adhere to the new rules could result in sanctions from the "respective CISOs/department heads". The orders, however, are only intended for Indian government personnel and not for common internet users.
What does the new order say exactly?
Simply highlighting good and terrible cybersecurity procedures for government employees, the new "restricted" document lists both. The government directive specifies that in addition to limiting access to cloud storage and VPN (virtual private network) services, employees must refrain from using third-party toolbars on their internet browsers, such as the Download Manager, Weather Toolbar, and AskMe Toolbar.
Additionally, it is suggested that government employees stop downloading illegal software.
Government employees are also advised against conducting "critical internal meetings and discussions" using "unauthorised third-party video conferencing or collaboration tools" or using any "external email services for official communication."
Why is the government restricting access to VPN and third-party storage?
It is essential to first comprehend why VPN (and cloud storage) firms in India are being singled out before one can comprehend the alleged ban.
In its last decision, the Ministry of Electronics and Information Technology's CERT-IN division required VPNs operating in the nation to keep user records for five years. In case you're unaware, a VPN simply enables users to access blocked websites while hiding their online identities. Users frequently utilise a VPN to access legitimate platforms in order to maintain their anonymity online.
As more businesses began functioning from home, VPN services have grown in popularity over time. Therefore, businesses mandate that employees utilise a VPN network to access platforms securely in order to protect data saved on private office networks. Individuals frequently use VPNs to access banned sites like torrents and more.
Therefore, it appears that the government aims to remove anonymity and monitor all internet activity, particularly unlawful activity. Many analysts, however, interpret the ban on VPNs as a restriction on online freedom. To continue protecting consumers' privacy, VPN firms like NordVPN have chosen to remove servers from India.
But cloud storage is entirely legal in India, and neither the NIC nor the CERT-IN encourage average users to cease utilising platforms like Google Drive and Dropbox. Although the precise reason for the government's recommendation is still unknown, there are a few possibilities.
The government might simply want its staff to start using homegrown systems like DigiLocker, which offers a tonne of services comparable to those of Dropbox and Google Drive. Additionally, it's possible that the government forbids employees from storing information on unofficial apps for security concerns. In-house services are also a possibility, but storing files on third-party platforms runs the risk of sensitive data leaking if the account is compromised. The NIC guidelines confirm the advice given to Indian army jawans regarding third-party texting apps.
The Indian army has frequently requested that young troops refrain from joining WhatsApp groups that contain people who are not in the army. Even while Facebook and Instagram are fully legal in India, it has warned staff members not to post private information or pictures of themselves in uniform there.
The Army Secure IndiGeneous Messaging Application was introduced by the Indian army to provide its employees with more security. According to reports, the programme is made to compete with contemporary messaging apps, but access is limited due to security concerns.