Now, mobile softwares under DoT security scanner

The Department of Telecommunications (DoT) has issued a
directive to all telcos to inform the department of all software updates they
undertake within 15 days and also keep records for a 10-year period.

Earlier, the software updates were not part of the new
rules for importing telcoms equipment that were unveiled last year. The Home
ministry asked the DoT to make mandatory for operators to keep updates of
softwares for 12 months online and for a further two years in a non-online mode
as the documentation would enable the ministry to identify the person who had
issued commands for the software updates, including the changes that had been

DoT had laid strict rules last year regarding the
procurement of telecom equipment, making service providers responsible for any security
breach in the operators’ networks.

As per the rules, a fine of up to INR 500 million ($11.1
million) will be levied in case of a breach.

DoT is concerned that malicious software in foreign
equipment could pose a threat to national security. It has also assured the
national security advisor (NSA) that it had taken a series of steps, including
unveiling new rules and building a test lab to address security concerns on
imported equipment, according to a report in Economic Times.

The new security policy by the DoT mandates that telcos
induct only those network elements which had been tested in international labs
for bugs and Trojan Horses. 

Under the new set of rules, telecom operators can only
import equipment certified by Indian or international standards from any
international agency till March 31, 2013, but after that they have to get the
equipment certified by Indian labs from April 1, 2013.

The DoT has highlighted that a pilot lab was already in place in Indian
Institute of Science, Bangalore, to develop the test standards, procedures and
test tools to evaluate all telecom equipment. 

According to the DoT, the upcoming Centre for
Communication Security Research and Monitoring would help address the
government’s concerns as this would be able to intercept all mobile phone and
internet traffic.

Last year, Chinese telecom companies Huawei and ZTE had
faced security hurdles due to import of telecom equipment from China. 

By Team
[email protected]