Weeks after popular VPN services, including ExpressVPN, NordVPN, and Surfshark VPN, announced their plans to exit India operations due to the Indian government’s new VPN policy, new reports suggest that India has banned third-party VPN and cloud services for government employees.
India Bans VPN and Cloud Services for Employees
As The Economic Times reports, the National Informatics Centre (NIC) has issued guidelines to improve the “security posture” of the government. The new guidelines, titled “Cyber Security Guidelines for Government Employees”, prohibit government employees from using both VPN services and non-government cloud storage services like Google Drive and Dropbox.
“In order to sensitize the government employees and contracted/outsourced resources and build awareness amongst them on what to do and what not to do from a cyber security perspective, these guidelines have been compiled,” reads the document viewed by ET.
In addition, the government wants employees to stop using external mobile app-based scanner services like CamScanner for scanning internal government documents. To recall, CamScanner was one of the many Chinese apps that were banned in India back in July 2020 alongside TikTok. The government has also urged its employees to not root or jailbreak their phones.
“All government employees, including temporary, contractual, and outsourced resources, are required to strictly adhere to the guidelines mentioned in this document. Any non-compliance may be acted upon by the respective CISOs/Department heads,” the note added.
Apart from these, the guidelines reportedly also have general security best practices like using complex passwords and updating passwords once every 45 days. If you’re out of the loop, this is the latest development after India revealed its new VPN policy that comes into effect on June 28. You can catch up on what’s happening from our explainer on India’s new VPN policy.