Computer Emergency Response Team (CERT-In) has extended the enforcement of the new cybersecurity rules by three months to September 25, the agency said in a release.
(Sign up to our Technology newsletter, Today’s Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)
The extension is aimed at giving small businesses enough time to plan on using data centres, virtual private server (VPS) providers, cloud service providers and virtual private network service (VPN) providers to implement mechanisms for validation of subscribers or customers, CERT-In said in the release.
The new VPN rules ordered them to collect customer data, store it for five or more years, and hand it over to the government if requested.
The move resulted in several top VPN providers deciding to relocate their physical servers out of India, to Singapore and U.K. This move is said to provide users in the country virtual access to their private network services.
