• Ntc
  • Ncell
  • Samsung
  • Apple
  • Xiaomi
  • 2G to 5G
  • Namaste Wifi
  • NTA
  • Best ISPs
  • About us
Sunday, December 3, 2023
NepaliTelecom
Advertisement
  • Home
  • Telecom News
    • News
    • NTA
    • Ntc
    • Ncell
    • Smart Cell
    • Digital Nepal
  • Gadgets
  • How To
  • Editors’ Pick
  • Contact us
No Result
View All Result
  • Home
  • Telecom News
    • News
    • NTA
    • Ntc
    • Ncell
    • Smart Cell
    • Digital Nepal
  • Gadgets
  • How To
  • Editors’ Pick
  • Contact us
No Result
View All Result
NepaliTelecom
No Result
View All Result
Home NTA - Nepal Telecommunication Authority

NTA Implements Cyber Security Bylaw 2077 for Cybersecurity Standards

NepaliTelecom by NepaliTelecom
July 6, 2023
in NTA - Nepal Telecommunication Authority, Telco News
0
Cyber Security bylaw 2077 Nepal
Share on FacebookShare on Twitter

Nepal Telecommunications Authority (NTA), the Telecommunication regulatory body of Nepal, has implemented Cyber Security Bylaw 2077 (2020) recently. It is a mandatory cybersecurity regulation for Telcos and ISPs to implement security standards and best practices in a systematic way.

About a month ago, NTA directed the telcos, ISPs to mandatorily conduct security audit regularly. Now, all licensed telecommunication service providers operating in Nepal need to fulfil the clauses of the Cyber ​​Security Regulation 2077.

Security Audit ISP telcos

As cybersecurity has become increasingly sensitive in recent times, the authorities have come up with regulations targeting telecom service providers. Not long ago, the Nepal Telecom server got hacked, sprouting fear of data hack and data breach among us. Similarly, Vianet, one of the popular ISP in Nepal had to suffer from the customer data leak. So considering the weak cybersecurity system of the telecom service providers in Nepal, NTA framed the Cybersecurity Bylaw 2077. NTA Board passed the Bylaw with a meeting held last Friday.

Cyber Security bylaw in Nepal 2077

The Bylaw is a 12-page long list of rules that covers the following topics:

  • General Security Standards and Practices,
  • Infrastructure/Network Security
  • Core System Security
  • Application Security
  • Data Security/Privacy
  • Information System (IS) audit
  • Cloud Security
  • CERT/Incident Response
  • Security Operation Center (SOC)
  • Cybersecurity awareness and capacity building

Social media, email, password, privilege Management

According to the Bylaw, the company shall specify the handling of social media/official emails in the office by their employees. Similarly, there is a policy for a password, that the service provider shall enforce in the organization. The service provider shall also manage the privileges in a user account with the admin access for authorized individuals only. The service providers also need to make the password change for admin and users in ninety days.

They should also adopt an internationally recognized security system, the default login given in any application should be blocked. They also need to spread public awareness about cybersecurity among the users.

The bylaw also binds the service providers to only use the commercially licensed operating system and applications in their computers, laptops and mobile devices.

Strengthen security

Similarly, there is a provision to implement a DDoS (Distinguishing Distributed Denial of Service) detection system for the security of the network. The providers shall use a secured virtual private network (VPN) with IPSec or SSL while accessing the system from remote places. The server provider shall use an updated firewall for the security of the core system. Similarly, there is a provision for OTP (One Time Password) for mobile-based application security.

The sharing of data has also become stringent such that the service providers have to sign NDA (Non-Disclosure Agreement) with employees, vendors, third parties to copy, distribute, sell data without consent.

Similarly, the service provider shall set up a separate security unit within their organization, with 24X7 alert, monitoring and implement all preventive measures. Likewise, there shall be an incident response team to coordinate with the NTA task force to handle the attacks and minimize loss.

Read Cybersecurity, data leaks, hacks and Digital data in Nepal.

Mandatory security audit

The Telecommunication service providers should mandatorily conduct a security audit of information systems every three months. The service providers are required to conduct internal security audits as well as external security audits. Moreover, the auditing needs to be conducted by the security auditors as specified by the authorities or the government.

The regulation stipulates that telecom service providers shall submit such security audit reports to the authority every six months.

Security Audit penetration testing Nepal

They shall also perform penetration testing and vulnerability assessment in 3 months and rectify the problems identified.

The auditor shall perform the audit according to the criteria prescribed in the regulations for areas like a web application, network architecture, wireless communication etc. Please find the details of the Cyber Security bylaw 2020.

Director of the Nepal Telecommunication Authority, Vijay Kumar Roy, said that the Bylaw is put forward after a long discussion and preparation with all stakeholders. So he opines that the service providers shall follow the regulations strictly. According to him, it will help to strengthen the Cybersecurity of all the service providers.

Conclusion

To strengthen the cybersecurity of the service providers, NTA has enforced Cyber Security By-law 2077. It mentions a list of rules that the Telecom service providers should strictly follow and prepare a security audit report to submit it to the authority for analysis. As the Cyber Security Bylaw 2020 is based on international standards, we can expect it to reduce the risk of cybercrimes.

The authority will make sure that the license holders (Basic Telephony/Landline, Mobile service, Network service, Internet service) implement the rules mandatorily. Incompetence in implementing any rule mentioned in the Bylaw will be liable of consequence. As known, NTA will analyze the bylaw continuously and make a revision if required, so that no one needs to compromise on their cybersecurity.

We suggest you read NTA revises the SIM/mobile number reuse period to one year >>

What do you think of these cybersecurity standards mentioned in the bylaw? Please share your opinion on the comment section below.

Follow us on Facebook, Twitter, and Viber to get the latest news, and information about Nepal Telecom, Ncell, Smart Cell, ISPs, mobile apps, and phones in Nepal.

Latest Posts

  • Daraz Shopping Milestone: 4.70 Lakh Customers Served In A Single Day During 11.11 Sale, 75% Enjoyed Free Delivery
  • Spectrlite UK Buys Axiata’s Ncell Shares for $50 Million
  • Mero Job App Revamped: Your Next Job Is Just a Few Taps Away
  • Axiata to exit from Ncell, puts 80% shares up for sale
  • These Xiaomi/Redmi smartphones will get HyperOS update in December
  • Samsung revolutionizing upcoming phones with Galaxy AI- A comprehensive AI package
  • Google Message Gets Ultra HDR Image Support via RCS Chats
Comments
Tags: bylawCloudCyber securitycybersecuritycybersecurity bylawData securityinformation securityISPNTAsecurity audittelcosVPN
Previous Post

OnePlus 8 launched in Nepal; 48MP Camera, Powerful Chipset, 90Hz Display

Next Post

Quantum Hack conducted the Largest International Hackathon of All Time

NepaliTelecom

NepaliTelecom

Related Posts

Ncell Axiata Office
Ncell

Spectrlite UK Buys Axiata’s Ncell Shares for $50 Million

December 3, 2023
Ncell Axiata Office
Ncell

Axiata to exit from Ncell, puts 80% shares up for sale

November 29, 2023
Nepal Telecom Ntc Sample Districts Quality services
Nepal Telecom

Earthquake-stricken Jajarkot to Get NTC’s Sample District Treatment

November 27, 2023
nepal telecom fiber internet in banglachuli
Nepal Telecom

Nepal Telecom starts high-speed fiber internet in Banglachuli

November 26, 2023
Mobile Phone Jammers Nepal
Telco News

Police using cellphone jammers in a Vehicle to disrupt mobile connection in Balkhu and Tinkune

November 23, 2023
Nepal Telecom Awarded highest income tax paying company FY 2079 80
Nepal Telecom

Nepal Telecom recognized for being the highest taxpaying company in FY 079/80

November 23, 2023
Next Post
Quantum hack hackathon

Quantum Hack conducted the Largest International Hackathon of All Time

You may also read

Register Phone IMEI number online NTA

NTA’s Online registration of Mobile Phone IMEI in MDMS

November 24, 2023
Ncell Axiata Office

Axiata to exit from Ncell, puts 80% shares up for sale

November 29, 2023
MDMS in Nepal

Register Your Grey Phone in MDMS, Find Costs for iPhone, Android, and Bar phone

November 6, 2023
Ncell Axiata Office

Spectrlite UK Buys Axiata’s Ncell Shares for $50 Million

December 3, 2023
SMS Ntc Ncell Smart Cell

How To Solve SMS Problem in Ncell, Ntc, and Smart Cell; Top 5 Methods

October 9, 2023
How to Recharge Ntc, Ncell, Smart Cell Balance Online?

How to identify Ntc Ncell Smart Cell Hello mobile numbers?

August 31, 2023
NepaliTelecom

Nepalitelecom.com is a website/blog which provides information regarding telecommunication in Nepal along with Gadgets and has been doing some research for the telecom market in Nepal. We intend to do more of such survey/research in the Nepalese Telecom sector.

SiteMap

Follow Us

📢 Follow us on Viber to get the latest news, and information about Nepal Telecom, Ncell, ISPs, mobile apps, and phones in Nepal.

Popular Categories

Ntc | Ncell | Telco News | ISP | NTA | Gadgets

Recent Posts

  • Daraz Shopping Milestone: 4.70 Lakh Customers Served In A Single Day During 11.11 Sale, 75% Enjoyed Free Delivery
  • Spectrlite UK Buys Axiata’s Ncell Shares for $50 Million
  • Mero Job App Revamped: Your Next Job Is Just a Few Taps Away

© 2023 Nepalitelecom

No Result
View All Result
  • Home
  • Telco News
  • Gadgets Nepal
  • Nepal Telecom
  • Ncell
  • Digital Nepal
  • How To
  • Editors’ Pick

© 2023 Nepalitelecom

Â