Thursday, June 05, 2025 | 03:47 AM ISTहिंदी में पढें
Business Standard
Notification Icon
userprofile IconSearch

Cert-In extends deadline for VPN cybersecurity norms till Sept 25

CERT-In directions, released on April 28, mandate service providers to keep records of every information and communication technology (ICT) transaction for a minimum of 180 days

The use of VPNs did not re­main confined to business applications.
premium

The new deadline comes after VPN providers, including ExpressVPN, NordVPN, and SurfShark, earlier this month decided to remove their servers in India.

Sourabh Lele New Delhi
India’s Computer Emergency Response Team (CERT-In) has extended until September 25 the deadline to comply with its cyber security norms for Virtual Private Network (VPN) and cloud services, responding after foreign providers said they will remove their servers in the country.

September 25 is the new compliance date for micro, small and medium enterprises (MSMEs). Other businesses, which don’t provide VPN or cloud services, will have to comply with the earlier deadline of June 27.

The September 25 extension will “enable the industry to build the capacity required for the implementation of the cyber security directions,” said the Ministry of