Layer 3 · Infrastructure & platform teams
CERT-In Log Retention & Technical Mandates
The 180-day log rule, Indian-NTP synchronisation and VPN/cloud/VDA KYC duties.
| Mandate | Deadline | Technical Specification |
|---|---|---|
| 6-hour incident reporting | Within 6 hours of noticing | Report to incident@cert-in.org.in; subject line format specified in Directions; preliminary report acceptable within 6 hrs with follow-up |
| Log retention — 180 days | From June 25, 2022 | System, network, application, and security logs retained in India for 180 days; WORM storage recommended; must be producible on CERT-In demand |
| NTP synchronisation — Indian servers | From June 25, 2022 | All ICT infrastructure clocked to NIC / NPL servers only; no foreign NTP sources |
| VPN / Cloud KYC | From June 25, 2022 | VPN providers must maintain validated subscriber names, IPs, usage patterns for 5 years and provide to CERT-In on demand; same for cloud providers |
| Virtual asset exchange KYC | From June 25, 2022 | Crypto exchanges must register users, maintain transaction records for 5 years, and report suspicious transactions to CERT-In and FIU-IND |