The Indian government has issued new guidelines with immediate effect allowing the import of network equipment from foreign telecoms vendors.
Procurement had been barred since early 2010, with several interim proposals mooted. This uncertainty in the run up to 3G rollouts has affected the plans of mobile operators and sent equipment vendors scrambling to avoid a potential ban.
The new guidelines put the onus for compliance squarely on operators. Any security breach is now the sole responsibility of the operator, which is liable for penalties of $10 million per purchase order and 100% of the service contract value.
Under the rules, operators are responsible for network security and must submit organizational plans to the government. They must also arrange third-party audits and certification for an initial list of core equipment, and also provide the designs and source code associated with equipment purchased for testing by the government.
Operation and maintenance work is to be done only by Indian engineers within two years, and operators are to create a telecom security forum, install test labs in their own premises, and upgrade all equipment to be able to pinpoint subscribers’ existing positions to within 50 meters.
The department of telecom has also mandated that all equipment vendors allow thorough inspection of hardware, software, and facilities at time of procurement and periodically thereafter.