In order to tighten security, the Department of Telecommunications (DoT) has asked telecom service providers to install remote access servers in India within the next six months. The operators will get permission for remote access only after the DoT is satisfied with the compliance report on the operators’ Indian remote access storage, according to a recent DoT communication.
In order to tighten norms for remote access, the provision to monitor data and voice traffic on cellular networks from remote locations, the DoT has also asked all the service providers to create on-line mirror image and audit trail of the remote access information.
The telcos will have to file technical returns every six months, or whenever changes happen, to respective term cells providing details of their entire network.
The international long distance operators will need to provide details of the international routes, countries to which their networks are connected directly, routing of international telecom traffic, the DoT has communicated to the service providers.
Moreover, the operators will have to provide training to the officials of the DoT and the term cells on the remote access methodologies.
Foreign carriers like AT&T, BT, France Telecom, Verizon, Cable & Wireless will be impacted with this move.
In 2009, India had agreed to the demand by global carriers that they be allowed to transfer user information of their clients to locations outside the country.
So far, India allowed remote access from certain international locations that are approved by the home ministry and intelligence agencies. Domestic operators and access service providers, which are the long-distance arms of telcos such as Bharti Airtel, RCom, BSNL and Tatas, are barred from transferring any accounting information of users (except roaming) outside India. Details of infrastructure and network diagrams are also barred from being transferred outside India.
Companies will have to store remote access details for at least six months online, and then the audit trail should be stored offline, the DoT has said.
The remote access to networks should be provided only to approved locations abroad through approved locations in India, and all remote access command logs should be stored directly at the Indian remote access server.
The concept of remote access was introduced in India in 2005 after the Government increased foreign direct investment (FDI) limit from 49 per cent to 74 per cent. Since April 2007, the remote access policy has been uniformly applied to all telecom licences, including national and international long distance and internet service providers.