- The government of India has banned its employees from using third-party and non-government cloud platforms.
- Government employees have also been restricted from using virtual private network (VPN) services.
- The move comes following the announcement of the country’s new VPN policy.
A new government order restrict employees from using third-party, non-government cloud platforms including Google Drive and Dropbox as well as virtual private network (VPN) services including NordVPN and ExpressVPN. The order passed by the National Informatics Centre (NIC) has been circulated to all ministries and departments and all government employees are required to comply with the directive. The new move by the government comes just weeks after directing VPN service providers and data center companies to store their user data for up to five years.
In addition to restricting employees from using the popular cloud services, the government instructed employees through its directive to not use any third-party anonymization services and VPNs, including NordVPN, ExpressVPN, Tor, and proxies. Additionally, it directed the workforce to refrain from using “unauthorized remote administration tools” such as TeamViewer, AnyDesk, and Ammyy Admin, among others.
Government employees are also directed to not use any “external email services for official communication” and conduct “sensitive internal meetings and discussions” using “unauthorized third-party video conferencing or collaboration tools.” The government additionally ordered employees to not “use any external websites or cloud-based services for converting/ compressing a government document”. It also directed the workforce to not use “any external mobile app-based scanner services” including CamScanner for “scanning internal government documents.
Govt employees are said to stop using non-government services
The publication revealed that the government of India has also directed employees to not “jailbreak” or “root” their mobile phones. Employees are also asked to use complex passwords for their accounts as well as update passwords once in 45 days. In addition to VPNs and cloud services, the Indian government has also directed employees from using “unauthorised remote administration tools” like TeamViewer, AnyDesk, and Ammyy Admin.
In addition to this, the Nation Informations Centre (NIC), which comes under the Ministry of Electronics and Information Technology of India, has asked government employees to not ‘root’ or ‘jailbreak’ their mobile phones. Moreover, the usage of any external mobile app-based scanner services such as CamScanner for scanning “internal government documents” is also prohibited.
In case you are unaware, CamScanner was one of the apps on the list of several banned apps by the Indian government back in 2020. However, the app continues to function through different versions on Android’s PlayStore and iOS’ App Store.
“By following uniform cyber security guidelines in government offices across the country, the security posture of the government can be improved,” notes the internal document. While the new guidelines have been passed to control the security posture, they appear to be far more dictatorial, especially, with the government not wanting employees to use services like Google Drive, which is widely used across the world.
Thanks for Reading!!