Corporate VPNs will not be affected by the new VPN guidelines

Recently, the Government of India issued new guidelines for companies that provide virtual private network (VPN) services in India and directed them to collect and store the details of their users. These guidelines were issued by the Indian Computer Emergency Response Team (CERT-In). Also, Economic Times reported that CERT-In is likely to soon release a FAQ document answering some of the concerns raised by users and companies.

However, according to multiple reports, the new directive will not be applicable to enterprise and corporate VPNs. As per the report, the document will disclose that the new guidelines are applicable only to those VPN service providers that provide their VPN services to the common civilians.

Since the onset of the Covid-19, many companies offered a work from home option to most of their employees. However, these employees are required to use a VPN to connect to the corporate network. Reportedly, the new guidelines will exclude such VPNs so that employees are able to connect to VPNs without any issues.

CERT-In, in a statement, said, “For the purpose of this direction, VPN Service provider refers to an entity that provides “Internet proxy like services” through the use of VPN technologies, standard or proprietary, to general Internet subscribers/users.”