/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW DELHI, INDIA: While brainstorming with industry experts on security, Keith White, head of security practice, CSI Asia Pacific, Nokia Siemens Network pointed out that imported equipment used in telecommunications by vendors should be monitored and given clearance only after they are found secure and without any bugs.
“Vendors usually have complete and often unaudited access to all network design, elements and resources. There is no legislation that mandates certain standards required for transparent procedure of developing equipment,” said White at a day-long seminar organized by Internet and Mobile Association of India (IAMAI) on National Security and Digital Technology on Wednesday.
“Sometimes we have found that within a telecom network we get heavy signaling data from network of other vendor which raises suspicion on the data size. This can be done due to hostility between two countries. There is need to monitor imported equipments as it is vital for network security,” he added.
White did not mention any specific vendors but explained that some of the Chinese vendors have been doing so.
“Things are not as transparent at manufacturing level as it happens in India, the US and Europe. Equipment which are made at some of the location other than these have been found with such malpractices. There is need to evolve international standards on transparency of equipment and Nokia Siemens will be happy to comply with it,” said White.
K Santhanam, former chief advisor (Technologies), Defence Research and Development Organization (DRDO) at the conference also raised similar issue on monitoring of devices.
“India is quite deficient in manufacturing of hardware. However, it is top of the ladder in developing high-end software but most of these software had been in application and customer support side. We have to get in to the area of system software design and look at developing chips. We need to look at ways in which Indian importer can be sure that software and devices that are coming to him are clean,” said Santhanam.
He also pointed out that trend of remote management is picking up, which can be a security threat in a way.
“Remote management in the computer is the way forward. Every computer manufacturers leaves a stub behind to repair computers. It is good to repair in such manner but this stub can be a threat for security of data,” added Santhanam.
R Ramaraj, board director, ICANN, appealed that Information and Communication Technology Industry should come forward to embrace security practices till the time there is no competent regulation in place.
“The whole industry should come together to form a self-regulatory body and simultaneously look at the way we can meet the challenge of enforcing regulatory process on all companies in the industry,” said Ramaraj.
Dr. Gulshan Rai, director, CERT-In, expressed the need of having uniform regulation at international level so that malpractices across the globe can be dealt with.
“We need to have uniform security practices across the globe. In todays world we are connected with each other and there is no boundary for Internet. Data sitting at some location in the world can be leaked from different location in globe. We have recently seen an income tax department phishing site which was hosted on US server but Indian were found involved in it. Hence there are no boundaries in digital world and seamless regulation across borders is must,” said Rai.