Connect with us

Policy Watch

IT Ministry Releases Draft Guidelines For Mobile Security And Data Anonymization, All You Need To Know About



IT Ministry Releases Draft Guidelines For Mobile Security And Data Anonymization, All You Need To Know About

NEW DELHI: The Ministry of Electronics and IT (MeitY) released draft documents on data anonymisation and mobile security for the government’s e-governance projects on Tuesday. The documents are available for public comment until September 21st.

The draft, titled ‘Guidelines for Anonymisation of Data (AoD) and Mobile Security Guidelines (MSG),‘ was published on the e-Governance Standards official portal.

The data anonymisation document includes guidelines for all stakeholders involved in the processing of personal data and subtypes via e-governance projects.

However, the department added that private entities processing personal information could also refer to the guidelines.

ALSO READ: Crackdown Against Child Porn: How Kerala Police Raided Over 400 Places And Arrested 14 Child Porn Addicts

Data generated by e-governance projects such as the National Health Mission, Cowin vaccination, Aarogya Setu and healthcare data, Smart cities, and Payment ecosystem (Account Aggregators) is massive. The draft rules are intended to establish the best practises for processing this data.

The Standardisation Testing Quality Certification (STQC) Directorate and the Centre for Development of Advanced Computing (C-DAC), Pune, were commissioned in February 2021 to develop standards and guidelines for e-Governance.

To achieve mobile security goals such as confidentiality, integrity, authentication, accountability, and so on, the Mobile Security Guidelines (MSG) have been proposed. Mobile security is divided into three categories: mobile device security, mobile communication security, and mobile services security.

ALSO READ: India’s Military Researcher DRDO Creates Facial Recognition Technology To See Through Disguises, Masks

In addition, the document defines three types of mobile security controls: policy-based measures, technology-based measures, and user-oriented measures. These would aid in the protection of privacy, sensitive data, and transaction security.

The proposed guidelines are intended for mobile ecosystem stakeholders such as device manufacturers, application developers, network operators, mobile service providers, security testing organisations, and mobile phone users.

The draft also recommends best practises for mobile security testing and application vetting. It has established security levels for entities as well as technological components. According to the document, identifying an entity’s or component’s current security level can help measure the gap and improve toward higher security levels.

Follow on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube

Continue Reading