Govt Employees Asked Not to Use Third-Party VPN And Cloud Services

Indian government employees are advised not to use third-party virtual private networks (VPNs) and cloud services such as Google Drive and Dropbox, according to a 24-point "cybersecurity dont's" set by the National Informatics Center (NIC).

In its 10-page policy, NIC tells its employees not to use third-party toolbars such as Internet Browser, download managers, weather toolbars, or external email services for "official communications."

This advisory comes a few weeks after NordVPN, ExpressVPN, Surfshark, and Tor withdraw from India after the Computer Emergency Response Team (CERT-Ins) in India has asked all VPN service providers to retain user data for five years.

Any type of non-compliance may be addressed by the appropriate CISOs/Department heads, "the NIC document states," restricted, "and available on the website of the highway ministry.

The BusinessLine website reported that a senior NIC official reviewed the guidelines but refused to provide details. The NIC document provides a 25-point list of "safety rules" that encourage employees to report suspicious emails using authorized software.