Ministries and departments were strongly encouraged to adhere to established public procurement guidelines to ensure the safety and integrity of CCTV cameras and other IoT devices
The Ministry of Electronics and Information Technology (MeitY) has issued a crucial advisory to all government departments and ministries, urging them to be vigilant while procuring equipment, especially in light of recent cybersecurity incidents linked to surveillance cameras. This move comes as a response to growing concerns regarding security breaches and data vulnerabilities associated with CCTV systems.
Ministries and departments were strongly encouraged to adhere to established public procurement guidelines to ensure the safety and integrity of CCTV cameras and other IoT devices. The advisory highlighted various risks such as data security breaches, privacy violations, hacking, and cyber-attacks that have been associated with surveillance cameras.
In response to these risks, MeitY advised government entities to avoid procuring equipment from suppliers with a history of security breaches. Furthermore, they emphasised the importance of following procurement guidelines, including the Public Procurement Order (Make In India), 2017, and the Electronics and Information Technology Goods (Requirement of Compulsory Registration) Order, 2021.
To address hardware security concerns, MeitY directed entities to seek assistance from the Standardisation Testing and Quality Certification (STQC) Laboratory. Additionally, they recommended maintaining network security through network isolation measures.
The advisory also called upon government ministries and departments to instruct their Chief Information Security Officers (CISOs) to enforce these measures effectively. MeitY stressed the importance of addressing security threats associated with CCTV network vulnerabilities to ensure the overall security and integrity of video surveillance systems.
In a significant development preceding the advisory, MeitY issued a gazette notification aimed at further enhancing the security of CCTV cameras in public procurement. This notification, dated March 7, emphasised a preference for locally manufactured video surveillance systems and laid down essential security requirements, including physical security measures and encryption protocols.
The notification was welcomed by industry bodies such as TEMA/CMAI/CSAI, who praised the government’s efforts to address national security concerns in video surveillance systems. They highlighted the importance of ensuring trusted sources for critical hardware components and adherence to essential security parameters.
Earlier, on March 6, 2024, MeitY had issued a notification detailing essential testing requirements for the public procurement of CCTV cameras, along with guidelines for calculating local content. Special emphasis was placed on verifying trusted sources for critical hardware components, prohibiting proprietary network protocols, and ensuring the integrity of all codes.
With these measures in place, the government aims to enhance the safety and reliability of CCTV and video surveillance systems deployed across the country, addressing critical national security concerns in the process.