It looks like the sites will be hosted by CAK internally. Of course, that's a recipe for monoculture and some serious problems around stagnation of eGovernment products. Smarter would be: 1. Have compulsory training on basic security for all government employees who work in an office. 2. Get all government employees on a modern OS (OS X Mavericks, Windows 8, Ubuntu 14.04, Android 4.4, iOS 7, etc..). Any hardware than can't support these OSes should be auctioned off. 3. Turn on two-factor authentication wherever possible 4. Aside from totally sensitive information (CBK, MoD, office of President), put everything on a local public cloud like Kili (http://kili.io ). 5. Use vendors to do application implementations that are NOT the hosts of the application (i.e. Seven Seas should implement but not be the host and Kili should host but not write the application - this prevents lock-in and staleness which leads to security holes). 6. For deeply sensitive stuff, deploy private clouds that are not connected to the Internet. Some vendors locally can do this (including Kili of course). -Adam -- Kili - Cloud for Africa: kili.io Musings: twitter.com/varud <https://twitter.com/varud> More Musings: varud.com About Adam: www.linkedin.com/in/adamcnelson On Fri, Jul 25, 2014 at 11:05 AM, Mwendwa Kivuva via kictanet < [email protected]> wrote:
All State-owned websites will be hosted locally in order to curb rising cases of cyber security attacks.
This was a key resolution at a crisis meeting held on Thursday between top security officials and the Ministry of ICT.
Held at Communication Authority of Kenya (CAK), the meeting was called to discuss the safety preparedness of the government to handle cyber attacks.
It comes just days after hacking of the Kenya Defence Forces’ social media accounts including the official email account of the military spokesperson Emmanuel Chirchir.
In attendance were ICT principal secretary Joseph Tiampati, representatives of the National Intelligence Service, Kenya Defence Forces, CID, CAK director-general Francis Wangusi and ICT Authority chief executive.
http://www.nation.co.ke/business/Cyber-Security-Attacks-ICT-Ministry/-/996/2...
______________________ Mwendwa Kivuva, Nairobi, Kenya twitter.com/lordmwesh
"There are some men who lift the age they inhabit, till all men walk on higher ground in that lifetime." - Maxwell Anderson
_______________________________________________ kictanet mailing list [email protected] https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/adam%40varud.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.