ForumIAS announcing GS Foundation Program for UPSC CSE 2025-26 from 10th August. Click Here for more information.
Contents
- 1 What is the News?
- 2 What is a Virtual Server?
- 3 What are the advantages of a Virtual Server?
- 4 What is Virtual Private Network(VPN)?
- 5 What are the new rules released by CERT?
- 6 Who all do these new rules apply to?
- 7 What is the implication of these new rules?
- 8 Is India the first country to regulate VPNs?
What is the News?
Some of the leading virtual private network(VPN) service providers have announced that they will remove servers from India after India’s cyber agency Computer Emergency Response Team (CERT-In) has announced new rules for VPN providers.
What is a Virtual Server?
A virtual server is a simulated server environment built on an actual physical server. It basically recreates the functionality of a dedicated physical server.
What are the advantages of a Virtual Server?
More Efficient: Converting one physical server into multiple virtual servers allows organizations to use processing power and resources more efficiently by running multiple operating systems and applications on one partitioned server.
Reduces the cost: Running multiple operating systems and applications on a single physical machine reduces the cost as it consumes less space and hardware.
Higher security: It offers higher security than a physical server infrastructure as the operating system and applications are enclosed in a virtual machine. This helps contain security attacks and malicious behaviours inside the virtual machine.
Useful in Debugging: Virtual servers are also useful in testing and debugging applications in different operating systems and versions without having to manually install and run them on several physical machines.
What is Virtual Private Network(VPN)?
What are the new rules released by CERT?
The new rules mandate VPN providers to record and keep their customers’ logs for 180 days. Corporate VPN providers have been exempted from this.
It also asked these firms to collect and store customer data for up to five years.
It further mandated that any cybercrime recorded must be reported to the CERT within 6 hours of the crime.
Who all do these new rules apply to?
The rules are applicable to “any entity whatsoever” in the matter of cyber incidents and cyber security incidents, regardless of whether they have a physical presence in India or not, as long as they deliver services to Indian users.
The service providers who do not have a physical presence in India but offer services to the users in the country have to designate a point of contact to liaise with CERT-In.
What is the implication of these new rules?
In regards to the VPN service providers, they have few options but to switch to storage servers that will increase the existing costs of operations.
In addition to that, the core aspect of using a VPN to protect the users’ privacy would also be affected.
Is India the first country to regulate VPNs?
India is not the first country to ban or regulate VPNs. In the past, various other countries such as China, Belarus, Iraq, North Korea, Oman, Russia, and the UAE have also taken similar steps.
For instance, in China, only government-approved VPNs are officially permitted to function.
Source: The post is based on the article “Explained | Can virtual servers bypass India’s VPN rules?” published in The Hindu on 27th June 2022.
