The Department of Telecommunications (DoT) has set new deadlines for operators to comply with the norms pertaining to security of telecom networks.
As per the new rules, operators are required to submit an organisational policy on security management of their networks to DoT by October 7, 2011. They will also have to ensure that positions such as chief technical officer, chief information security officer or nodal executives responsible for call interception and monitoring, are held by Indian nationals by April 1, 2012.
DoT?s directive comes after the Ministry of Home Affairs requested it for a compliance report on the new security clauses in the operators? licence.
Besides, operators are required to file a status report on security audits conducted on their networks by October 30, 2011. Such reports will have to certify that a mobile network is secure and free of malware and spyware.
Accordingly, network audits have to be undertaken by an ISO certified agency. Eventually, operators need to submit a detailed network audit status report for each financial year on the first day of the next fiscal year.
The new rules also mandate that operators keep DoT informed of all software updates and changes that have taken place at the network level. Under the compliance format, an operator has to inform DoT within 15 days of completion of such software updates and furnish a compliance certificate on the first day of each fiscal for the previous financial year.
