Enterprise communication services are haunted by security scanner

By siliconindia   |   Friday, 19 November 2010, 20:11 IST
Printer Print Email Email
New Delhi: The Ministry of Home Affairs have taken a wise step towards ensuring the enterprise communication services offered by other vendors, including Nokia and Cisco, also have systems that allow security agencies to snoop into the network. All thanks to the issues that were related to the Black berry services. "The DoT has been requested to ascertain other enterprise service that may currently be under use by any other agency and asses their compliance to the law enforcement agencies requirements of providing for interception of authorized targets in a usable format," said a note from the Home Ministry to the DoT Secretary. The Home Ministry's note is a major victory for BlackBerry device maker Research In Motion (RIM) as they have been saying that the issue of monitoring highly encrypted data is an industry issue and not that of BlackBerry alone. In September, RIM had written a letter to the DoT saying that the connection between a BlackBerry device and the BlackBerry Enterprise Server (BES) forms a Virtual Private Network (VPN) that is identical to a commercial VPN solution from Cisco, Microsoft, Apple, Nokia, Juniper and others. Nokia has, however, already said that it is setting up a server in India, which will enable security agencies to track down any data flowing through Nokia devices. The basic issue is that Indian security agencies do not have the equipment to snoop into anything that is highly encrypted. Under current laws, operators are allowed to offer services that have less than 46 bit encryption. Services like Blackberry use much higher encryption to keep data secure. There are other services offered by Internet giants including Skype, GMail and Yahoo which are not being monitored by security agencies due to non-access to data passing through these networks. The MHA has already asked DoT to look at amending licence conditions, which will make it mandatory for operators to give access to these services as well.