Tiếng Việt
中文 (中国)Enterprises’ responsibility to ensure national network information security is legal content that readers often need to check carefully before implementing it in practice. This article has been reorganized by ANT Legal in an easy-to-understand way, helping individuals and businesses understand the main problems, common risks and appropriate solutions.
Do telecommunications businesses have to set up an environment to install monitoring equipment, take samples and provide network data flow? Administrative sanctions when telecommunications businesses do not set up an environment to install monitoring equipment, take samples and provide network data flow?
1. Does a telecommunications business have to set up an environment to install monitoring equipment, take samples and provide network data flow?
Pursuant to Clause 4, Article 7, Decision 05/2017/QD-TTg of 2017 on the national cyber information security incident response network:
National cyber information security incident response network
…
4. Network members are responsible for complying with the network’s operating regulations, complying with the coordination requirements of the coordinating agency, participating and actively contributing to the network’s activities. Telecommunications enterprises and ISP Internet service providers are responsible for storing and providing information related to subscriber IP addresses, servers, IOT devices, log files, DNS domain name resolution service logs within the scope of management of the enterprise; establishing an environment to install monitoring equipment, take samples and provide network data streams to serve monitoring and detect incidents as required by the national coordinating agency; Establish a 24/7 permanent focal point, arrange human and material resources ready to coordinate and deploy solutions to rescue and overcome the consequences of incidents in case the source of the attack is determined to originate from a subscriber belonging to your enterprise or when requested by the national coordinating agency.
Thus, telecommunications enterprises must be responsible for establishing an environment to install monitoring equipment, take samples and provide data flow network to serve monitoring and detecting incidents at the request of the national coordinating agency.
2. Administrative sanctions when telecommunications businesses do not set up an environment to install monitoring equipment, take samples and provide network data flow?
Pursuant to Clause 4, Article 78 of Decree 15/2020/ND-CP violating regulations on ensuring information security and responding to network information security incidents
Violating regulations on ensuring information security and responding to network information security incidents
…
4. Fine from 50,000,000 VND to 70,000,000 VND for one of the following acts:
…
đ) Failure to coordinate with the National Coordinating Agency, service providers and authorities to restore some of the most necessary activities, data or connections to minimize damage to the information system or cause negative impacts on society. association;
e) Failure to coordinate while the problem has not been completely resolved;
g) Failure to handle the consequences of their information system failure affecting people, agencies, and other organizations;
h) Failure to store or provide information related to subscriber IP addresses, servers, IOT devices, logs files, DNS domain name resolution service logs within the scope of management;
i) Not setting up an environment to install monitoring equipment, sampling and providing network data flow;
k) Not establishing a 24/7 permanent focal point or not arranging human and material resources ready to coordinate and deploy solutions to respond to and overcome the consequences of incidents in case the source of the attack is identified comes from the subscription of your enterprise or when requested by the National Coordinating Agency.
Note: According to the provisions of Clause 3, Article 4 of Decree 15/2020/ND-CP, the above fine is the fine for organizations.
Thus, in case a telecommunications enterprise does not set up an environment to install monitoring equipment, take samples and provide network data flow, it may be subject to a fine from 50,000,000 VND to 70,000,000 VND.
3. What is the responsibility of telecommunications enterprises to ensure national network information security?
Pursuant to Clause 4, Article 14 of the Law on Network Information Security 2015, emergency response to ensure national network information security:
Emergency response to ensure national network information security
…
4. Responsibility for ensuring national network information security is prescribed as follows:
a) The Prime Minister decides on a system of emergency response plans to ensure national network information security;
b) The Ministry of Information and Communications is responsible for presiding over coordination of emergency response work to ensure national network information security;
c) Ministries, branches, People’s Committees at all levels and relevant agencies and organizations within the scope of their tasks and powers are responsible for coordinating and directing emergency response to ensure national network information security gia;
d) Telecommunications enterprises are responsible for implementing emergency response measures, coordinating with the Ministry of Information and Communications, relevant ministries, sectors, and People’s Committees at all levels to ensure national network information security.
Thus, telecommunications enterprises are responsible for implementing emergency response measures, coordinating with the Ministry of Information and Communications, relevant ministries, sectors, and People’s Committees at all levels. related to ensuring national network information security.
Note on Applying Current Legal Regulations
This article belongs to the Business & M&A group and is presented for reference purposes, helping readers understand the legal issue at an overview level before preparing a dossier or carrying out a transaction.
Legal regulations may vary depending on the timing, locality, type of dossier and specific circumstances. If you need to determine the exact legal basis applicable to your case, you should contact ANT Legal’s lawyers at 0966.475.966 for review and advice before proceeding.
Common Legal Risks to Note
- Applying legal instruments that have been amended, supplemented or replaced.
- Preparing an incomplete set of documents, materials or necessary evidence.
- Misunderstanding the conditions, procedure, timeline or competent authority.
- Signing, submitting a dossier or carrying out a transaction before fully assessing legal risks.
How Can ANT Legal Support You?
ANT Legal can review the specific circumstances, examine the dossier, identify the applicable legal basis, advise on an appropriate handling plan and represent clients in working with individuals, organizations or competent authorities where necessary.
For prompt advice, you may contact a lawyer at 0966.475.966.
Related Articles
- Is it necessary to show the HS code on the Business License when the Business License is adjusted?
- The employer who does not organize chemical safety training for 30 workers will be fined as such. What?
- How will logistics businesses receive electricity discounts for warehouses that store goods from the Government?
- Regulations on commercial advertising service business according to Vietnamese law
- When exporting e-cigarettes abroad, do I have to apply for a license or certificate for this product?
