The important thing is to be using multiple hosting providers and different levels of protection. And of course, Twitter cannot be moved to Kenya :-) You're right that an in-country host is no more secure than one anywhere else from a cyberattack point of view. However, from a regulatory point of view it's much different. Right now the EU can compel Kenyan groups to hand over data because the data resides there. That's not an issue with a local host like Kili. Anyway, local hosts are way faster - that's the most important thing. Having the data local (i.e. Kili) literally makes it 40% faster. Also, for the CloudFlare attack, because there are only 3 routes into the country, a big DDOS from outside probably wouldn't be as intense as it could be to a host in the EU or US. The important thing is that media, government, and enterprises aren't in a position to host on the Internet - they need modern cloud providers like Amazon or Rackspace to help them - or if they're in Kenya, take advantage of a better service for the same price - Kili. -Adam -- Kili - Cloud for Africa: kili.io Musings: twitter.com/varud <https://twitter.com/varud> More Musings: varud.com About Adam: www.linkedin.com/in/adamcnelson On Fri, Jul 25, 2014 at 11:59 AM, Mwendwa Kivuva via kictanet < [email protected]> wrote:
They might also host all twitter and FB accounts locally. :)
On a more serious note, CAK is the regulator. Is it the right partner to host government content? When we say we want to separate the regulator from control of government, is it something we can achieve? Probably ICTA would have been a more preferred host.
Regards
______________________ Mwendwa Kivuva, Nairobi, Kenya twitter.com/lordmwesh
"There are some men who lift the age they inhabit, till all men walk on higher ground in that lifetime." - Maxwell Anderson
On 25 July 2014 04:31, Ngigi Waithaka <[email protected]> wrote:
Central Management of GoK;s website hosting is a step in the right direction as the skills needed to protect government infrastructure can also be centralized. However, it also gives you a single point of failure where if anyone gets in, then the whole government could be compromised.
On the other hand, is there any advantage to be had from a security PoV from hosting websites in Kenya? Is there say a Data Center in .KE that can withstand a well co-ordinated DDOS Attack on its infrastructure?
Not one.
As an example, this ( http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes.aspx ) DDOS attack on CloudFare sometime back was generating around 400GPS of Traffic. If this was to be directed to our one data center, then KRA, CBK, Immigration, County Revenue sites etc would all be down.
So as we put all our 'eggs' in one basket we better watch that basket really really carefully.
Regards
On Fri, Jul 25, 2014 at 11:05 AM, Mwendwa Kivuva via kictanet < [email protected]> wrote:
All State-owned websites will be hosted locally in order to curb rising cases of cyber security attacks.
This was a key resolution at a crisis meeting held on Thursday between top security officials and the Ministry of ICT.
Held at Communication Authority of Kenya (CAK), the meeting was called to discuss the safety preparedness of the government to handle cyber attacks.
It comes just days after hacking of the Kenya Defence Forces’ social media accounts including the official email account of the military spokesperson Emmanuel Chirchir.
In attendance were ICT principal secretary Joseph Tiampati, representatives of the National Intelligence Service, Kenya Defence Forces, CID, CAK director-general Francis Wangusi and ICT Authority chief executive.
http://www.nation.co.ke/business/Cyber-Security-Attacks-ICT-Ministry/-/996/2...
______________________ Mwendwa Kivuva, Nairobi, Kenya twitter.com/lordmwesh
"There are some men who lift the age they inhabit, till all men walk on higher ground in that lifetime." - Maxwell Anderson
_______________________________________________ kictanet mailing list [email protected] https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/ngigi%40at.co.ke
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- *Regards,*
*Wait**haka Ngigi* Chief Executive Officer | Alliance Technologies | MCK Nairobi Synod Building T + 254 (0) 20 2333 471 |Office Mobile: +254 786 28 28 28 | M + 254 737 811 000 www.at.co.ke
_______________________________________________ kictanet mailing list [email protected] https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/adam%40varud.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.