| Syl 的个人资料TransAfrica2000 - Securi...照片日志列表 |  工具  帮助 |
|
|
6月26日 ICT TECHNOLOGYIT IS TIME TO CREATE AN AFRICAN CYBER COMMISSION UNDER A AFRICA HOMELAND SECURITY CONCEPTAFRICA NEEDS TO SERIOUSLY EMBRACED TECHNOLOGY & SECURITY
TODAY`S ECONOMY AND GROWTH IS DRIVEN BY EFFICIENT ICT INFRASTRUCTURE By Syl Juxon Smith African leaders and its various working organisations must critically start seriously looking at the setting up of a CYBER COMMISSION structured under an AFRICA HOMELAND SECURITY…..a new initiative I am proposing to combat the ever growing Cyber crimes including DATA theft and hacking, now becoming a daily event and a profitable venture for the ever sophisticated criminal enterprises breeding a new mindset of individuals, whose callous and well organised actions is affecting the very foundation of both the electronic e-business, normal day to day business activities;- banks, financial institutions and governments national security integrity. This is a growing trend very troubling and must be nipped in the bud earlier, or gradually it will become a serious cause for concern, leading to one of the greatest threat already casting its shadows on every profitable gamut of society which will eventually engulf developing and potential African countries, their networks, national spectrums, polluting the very basic communications layer that will be very costly to challenge and rehabilitate in the long run. Also will affect and disrupt government activities relying on effective and efficient data transmission and digital security management. No organisation, business or government can be safe today with the kind of threat the internet, intranet and communications is posing especially to the African environment with virtually nothing to manage and counter cyber threats. 85% of our present activities are supported by communications and technology in convergence. This must be properly acknowledge to understand the kind and levels of threats and danger that come with it. Each African country must start looking at creating its own CYBER SECURITY TASK FORCE to have a better perspective of the level of penetration in all spheres of communications and networking to come up with adequate solutions. This local organisation shall then be affiliated to the international bodies for support which needs some degree of confidentiality and integrity to be effective. Africa is a continent comprised of diverse countries, each of which is developing at a different rate, many of which are dynamic emerging economies especially Ghana, which is rapidly becoming the beacon of light and hope in dynamic transformation, economic and human resource capacity growth. Most economic growth in the developed regions is driven by information and communications technology (ICT). We must follow a well define ICT agenda with cost effective integrated solution concept for modernisation of communications and technology highways in Africa. What is less widely understood in modern society is that all economies are information economies, which Africans, governments and authorities must clearly understand and embraced for development, progress and security. The free flow of information lowers the barriers to economic activity and stimulates growth and productivity, even economies that we do not normally regard as fully developed. Connectivity and accessibility is the key enabler of the information flow that defines modern economies. It is also the key enabler of an ongoing economic transformation in many major developed countries as well as African countries. Choices are very paramount for African economies in deciding strategies for infrastructural implementation and back haul to support continuity. Secure, reliable and highly scalable systems with global connectivity is a necessity and the core objective, supporting all traffic payloads, with scalable high speed data rates, while offering seamless integration to all other both private and governmental existing network architecture. . Africa needs to shape the regulatory framework to set the environment in which countries can import technologies which can compete; set technical standards, and substantially broaden African access to value-added information services. At the moment, Africa commands little attention among developed technologists and countries, leaving the field open to those who might wish to take a commanding leadership role quickly and, perhaps, largely unchallenged. It is true that these African markets lag behind those in East Asia, Latin America, eastern Europe, and the states of the former Soviet Union in their development. But, they offer incredible opportunity for the long-term. Rather than still adopting the old way of doing things and thinking is we must substantially increase the exploration, development and use of our abundant energy and mineral resources as a basis for aggressive developments and challenges. Did You Know…? An estimated 30% of all villages worldwide still have no access to telephone services. (ITU) There are over 324 Million mobile subscribers in Africa. AFRICA NEEDS TO SERIOUSLY EMBRACE TECHNOLOGY & DIGITAL SECURITY Human Resource Capacity Building in ICT as a Vocational Concept Is Inevitable and the Only Solution to Development & Growth EXPORT OUR POTENTIALS AND IMPORTING THE REWARDS IS THE WAY FORWARD 5月5日 TRACKING-TAGGING & LOCATOR SYSTEMSASSETS TAGGING - VEHICLE TRACKING - PERSONAL LOCATORNEW SERVICES COMING TO GHANA AND OTHER AFRICAN COUNTRIES SOON
RFID Electronic Article Surveillance (EAS) SystemsRFID-Radio Frequency Identification Technology is the one of Automatic Identification technologies. An RFID system comprises a reader, one to several antennas, a host system and a tag with data. RFID is now making headlines in the business world as the "next frontier" of supply chain efficiency. The application of RFID has revolutionized the way businesses manage their assets-from the manufacturer to the distributor to the retailer and finally to the consumer. Companies have realized tremendous competitive advantages from our RFID solutions including:
With our strategic partnership with product manufacturer specializing in RF technology and application experience, we are able to provide superior lead zones for precise and uninterrupted tag-fixed reader communications in RFID application. We can design and manufacture HF/UHF etched antennas and RFID labels according to customers' requirements, as well as open series of RFID products and RFID solutions. We offer various modules of RF EAS systems with a sturdy, open-look design for meeting any retail requirement. Advanced technology, high anti-jamming, and rate of detecting ensures effective detection performance across exits up to 1.6m-2.2m in the application of supermarkets, boutiques, bookshops and other distribution shops. If you need to improve, we can design new module to be compatible with existing tag styles and deactivation equipment as well as to enhance performance. The characteristics of system covering:
Asset management is a critical function for public safety agencies, companies, businesses, security agencies, parents, children etc. One that relies on internal, mostly manual, business processes, to protect, distribute, safeguard, and account for the tools that enforcement, emergency, judicial and other public safety agencies depend on for critical business operation. An automated asset management process manages the assignment, sales and allocation of assets – assets that are closed loop assets, meaning they are checked out and returned for accountability, shelf products for sales. With technology advancements, organizations and businesses can now track these assets with wireless communication solutions that do not require manual intervention and can operate without a line of sight requirement and monitored during sales within shopping malls, supermarkets, boutiques etc.
HARD TAGS: One time Investment & Repeat use for Clothing, Shoes, and Hats, Bags and other Merchandise
LABELS (Non Reusable after Detaching)
CILCK TO FULL PDF VERSIONCONTACT US FOR MORE INFORMATION2月23日 Identity theft is rapidly growing in African CountriesCyberCrime is becoming a lucrative business in under developed countries due to lack of policy direction and effective forensic law enforcement standards in ICT related crimes.Cyber criminals are using countries without data protection act, stringent policy and poor law enforcement to commit their crimes, and therefore identity theft and other similar crimes are on the rise. This is how they make their money with minimal risk. Less aggressive legal penalties are attracting organized gangs away from the west to a crime which they consider to be relatively safe with little consequence in Africa. Cyber crime is taken as a “non-event” within the third world countries. It is now showing its ugly side and becoming newsworthy. But many victims mainly the financial institutions and banks are scared stiff to report such activities because of the stigma and effect it will have on customer relations. They prefer to cry silently and pass on the loss on to the consumer in many ways of taxes and charges. There must be better form of consolidation in the IT security industry for 2007 to curtail this menace by employing strategy to expand and develop professional services capabilities in technology and security. “Security is key and fundamental to what we do in today’s business and commercial environment. Business continuity, security and governance practice is very essential for all corporate executives and government officials and institutions. There must be greater investment in security. “Security is not just a business advantage necessity. It should be part of a company’s DNA, as crucial as human resources. If you don’t invest in it, you will fail”. Threats are becoming more targeted. “We are seeing many more targeted attacks, especially in phishing”, which was resulting in a rise in identity theft. Criminals are beginning to attack applications now, as opposed to the operating system. There are many recent example of the vulnerabilities discovered. I have a duty of care to help educate people about security. I am helping the smaller people to educate the smaller organisations and the entire community. When the large company start taken the necessary precautions, phishing attacks will hit the smaller companies instead. If the government won’t step in for security, we’re just going to have to do it ourselves. 2月9日 ICT CRIMES AND THREATS ARE FROM WITHINInsider cyber crimes are carried out by disgruntled, paranoid and under performing staff
"This whitepaper analysed insider cyber crimes across critical infrastructure sectors within the public and private sector, commercial and industrial sectors and SMEs in Africa. It showed that insider sabotage was in virtually 100% of cases carried out by people who are disgruntled, paranoid, generally show up late, argue with colleagues, and generally perform poorly. It also shows that eighty-six percent of them held technical positions and ninety percent had system administrator or privileged system access, then you have to start asking questions. After all we’re talking about individuals now turn into a social group who relate best with ICT machines".This is a very serious and rapidly ever growing problem for Africa. Justifiable reason is that it lacks comprehensive ICT security plan or template factured into daily operational standards. As a way out we entertain ad-hoc approaches which manages to offload our psychotic thoughts to somebody else, so he or she – and trust me the “she’s” are just as bad as the “he’s” - is not your problem anymore. Well here’s the good news – only forty one percent of those who sabotaged IT systems were employed at the time they did it. And the bad news – Yes you guessed it – the majority of the insiders attacked following termination. In fact a whopping fifty-nine percent of the insiders were former employees, fifty seven percent did not have authorized system access at the time of the attack, and sixty four percent used remote access. Those VPNs are such wonderful things! Many used privileged system access to set up the attack before they were terminated, primarily taking advantage of a lack of security controls and gaps in their organization’s access controls. The bottom line is that most organisations are leaving themselves totally exposed by not paying due care and attention to the people who are charged with looking after their systems and applications. To compound the problem many organisations are rushing to outsource the responsibility in order to achieve cost savings, not realizing that the individual who you may have sacked may now be working at the outsourcer, or somebody else’s yester ICT problem shooter is now going to look after your assets. Every system, application, database, networking device, in fact everything in your infrastructure has a privileged account that grants the individual who has access unlimited power. So what is a privileged account? A privileged account is generally an account that has been created in order to manage a system or application, and because it is a generic account it has three important characteristics: 1. It is all powerful 2. It is anonymous 3. In virtually 100% of cases it can only work in combination with a password. It is intended to make it possible to undertake management, or carry out business critical tasks related to electronic information. The Privileged User falls into three categories Administrative and Pre-defined accounts – These are accounts that are created by the system or application. Examples abound such as the Windows Administrator, the UNIX root, the Cisco enable, and one can go on and list virtually every system and application on the market which has a Pre-defined account. Shared Accounts – These are accounts that are generally created by an organisation with the express purpose of allowing a group of users to carry out Privileged tasks. For example organisations will frequently create a shared account to provide access to a pre-defined account. Embedded Accounts – These are accounts that are commonly embedded in applications, such as batch jobs, database applications, scripts, service accounts, and the like. Increasingly IT Security officers are realizing that this represents one of the greatest risks both to their organisation, and to the individual’s role. Privileged accounts are the easy target for anyone wishing to cause disruption because generally one can hide their identity behind the anonymous account. Additionally because there is no way to secure these accounts other than with a password (we’re not talking about individual user identities that can be secured with various token based systems), and even if someone goes down the insanity route of assigning these privileges to specific users, the privileged account is always there. Being password based it means that there has to be a process in place that changes the password on a regular basis but then if this is manual it might be a cases of the lunatics guarding the asylum. In order to ensure that an organisation protects its interests, it must ensure that clear policies and standards are in place to manage and control who has administrative access. Ultimately the most effective approach is to ensure that the number of Privileged User accounts on systems is kept to an absolute minimum. In other words do not start assigning users privileged access. Practice has shown that once the number of individuals with privileged access exceeds three, it becomes exponentially difficult to mange the process The more Privileged User accounts that are defined the closer the auditors are going to look at the policies, and especially the adherence to the policies – which might not be a bad thing. Other areas to consider are ensuring that users are only given access if all the conditions are correct, such as are they on duty, are in they in an appropriate location (releasing privileged passwords to the user in the Internet Café with VPN access is not appropriate policy no matter how urgent the situation). Changing passwords regularly is a necessity, and not repeating passwords within certain time periods is a must. Also it becomes critical to maintain old passwords (version control) in a secure location since you never know when a particular system needs to be recovered. It is important to understand that an organisation should allocate privileges on a restricted basis, such as on an event basis, or a need to use basis, and that a detailed record is kept regarding what privileges have been given to whom, when, for what purpose, where were they when this was given, and who approved this request – for every single event. And of major importance ensuring that all authorisation processes are completed, in the correct sequence before Privileged User access is allowed. There are countless situations regarding the use of Privileged User accounts, and there are many technical solutions created to try and protect the privileged systems and applications to ensure that they are not vulnerable, but ultimately it is impossible to ensure that an infrastructure can be built that is 100% secure. It is therefore imperative that the strictest controls possible are applied to providing access to the Privileged User passwords that are the keys that are needed to open each and every privileged account. So as far as doing the right thing, I’d suggest that you start from the basis that your IT staff are the biggest risk to your organization’s security, and if anyone of them disputes this, remember that arguing with colleagues was one of the clear signs of an impending attack! And automate the whole process. If Privileged Password Management is not on your shopping list in 2007 it may already be too late!
1月19日 Talking about Bridging the Digital and Economic Gap
Quote Bridging the Digital and Economic Gap 1月17日 Bridging the Digital and Economic GapHomeland Lessons to Learn By Syl Juxon Smith We have close yet another chapter in the African continent ushering a new one. Lots of things did happen, war, peace, AGOA and NEPAD initiatives, new economic potentials, (Oil Boom, Gold finds) last but not least topping the table is the digital revolution. These occurrences have a place in history as well as making use of the experience in developing blue prints and strategies for the future that is worth reflecting on. From the negative perspective to the positive influences that has contributed one way or the other in shaping lives into another year and living its indelible imprint on the sands of time. If Africa is to be given an award, it would definitely be for its perseverance, steadfastness, tolerance and strength in surviving the negativity of impunity, corruption, bad governance and injustice. Putting self before country is the politics of the problem, all in the mighty name of self aggrandisement on the pretext of democracy and on the expenses of the lives and suffering masses, still living in abject poverty, squalor and in refugee camps spreading all over with limited or no access to information, technology or education. Almost everyone in the developed countries has access to ICT, whereas in sub-Saharan Africa, overall fixed line density is about 1 to 130 inhabitants while Internet, Computers, and Television are available to only a handful of elites, privileged and those living in urban environment. The plight of African nations continues to be so pathetic and demoralising because we put so much focus and priority on aid rather than on our vision. We rarely develop coherent policies or programmes with national mobilisation effort and participation rather greedily pursuing dictatorial emergency support strategies when the situation does not even constitute so. Africa to be dependent on aid and donor support for its survival with all its abundance and richness in minerals and other resources capable of sustaining the whole continent if managed well is an indictment that we shall one day be judged by posterity. We must realise first and foremost that the major goal of the information society is to seek to achieve the bridging of the digital divide between the developed and developing countries and among the urban and rural areas with a view to transforming the digital divide into digital opportunities so that no individual or community is left behind in the ICT revolution." Our success and demise in businesses, entrepreneurship, and what ever avocation we are engaged lies squarely on our define approach and attitudes to succeed. In fine, human and social development must be part of our daily prayer and conviction. My concern here is the growing trend of nepotism, favouritism and partisan politics in the way decisions are concluded in the award of contracts, privileges, jobs and aid assistance to individuals and groups which continues to affect progress and stability. This attitude must change for much more positive and rational approach in "giving unto Caesar what is Caesars". Communication and information technology is a moral asset and obligation we owe to ourselves and to society at large. How we disseminate information determines the level of success an individual, governments or institutions achieves. An appeal to governments is to change the way you do things with regards to priorities within the economy which form the backbone of any development that can shape the human resourcefulness and manpower capacity to grow if only this is what we all want it to be. There is everything to be proud of in terms of assets and resources including manpower which Africa is richly endowed with. Look more on the indigenes and passionate ones and create more opportunities and benefits by ensuring that Africans who feel strongly about Africa be given priority and opportunities in areas where they are competent and can excel, or contracts they can perform without any inhibitions or partiality based on favouritism, inferiority complex and self aggrandisement. There is still room for such tendencies of greed as no one is perfect, but let us look at the greater picture rather than the selfish, short term and personal gains in every instance. Politics and ICT Today the greatest transformation in the history of human political, social and cultural systems of the human race is now taking place, the digital age. We are moving into an era in which the methods by which we define ourselves and by which we are defined by others are undergoing change. The forces that are driving that change are complexes interpreted in paradox which has political under tone, its positive benefits to society, and the personal issues arising from the less privilege and uneducated majority caring more about their deprivation of rights and fear of not knowing were they stand or heading. While the continent is battling with these challenges, it is further confronted by lack of proper blue prints, indecision and lack of will, thereby placing it in a dicey position of how to share the meagre resources between the basic necessities of life and provision of ICT infrastructure. This situation underscores the need for concerted efforts at national, regional and international levels to address the imbalance and the challenges of this development an initiative for both the private and public sector. Donor Support Let us retrospect and reflect on statements about development assistance fund to Africa's ICT initiatives made at a press conference held at the World Summit on Information Society (WSIS) by Dr Peter Watson, the president of OPIC, in which he said that "The facility will be used to support US investments in the telecommunication and ICT sectors and assist countries in overcoming the digital divide. Dependable infrastructure represents a cornerstone for sustainable development in emerging markets," said Watson. But David Gross, the US ambassador to WSIS, confirmed that his government was not interested in backing the much-touted Digital Solidarity Fund (DSF) "since it has no concrete plan on how the funds are going to be distributed". "We want to invest in a government that is democratic and progressive. The DSF has not spelt out a plan on how the money is going to be channelled and who the real beneficiaries are," said Gross. This is a very serious indictment to the anticipations and hopes and aspirations of the African networks of ICT players and enthusiasts. Private Sector The private sector presently has greater capability than government to direct the course of ICT, handle, correlate and distribute personal information, maintain and support infrastructures, design specifications for efficient networking making the individual and businesses including users much more confident and comfortable. The private sector taking the lead is the only sustainable option for this industry to grow into the future. Government must not look at communications from a subversive perspective or try to dominate its course as I always iterate and will continue to highlight. Their role is to set the pace by creating feasible, flexible and impartial policies and enforcing stringent control for strict adherence to conformity for a uniformity of conduct. The digital revolution we are clamouring for and business is driven by serious ethical parameters that must be adhered and respected for greater success and progress. Society is based on the rights afforded the least. This is as true in many other countries take for instance big brother the United States as it was in Iraq under Saddam. Governments All governments tend to operate in the manner of tribes. The bureaucrat surrenders his or her internalised superego to domination by an externalised superego. In everyday terms this means that the individual conscience is replaced by a collective organizational conscience. Bureaucrats do what the organization tells them to do. Guilt about their actions only takes place when they are held to account. When mistakes happen as the result of the failures of government, bureaucrats are not often held to judgement, and when they are, other bureaucrats judge them. The individual seeking self-actualisation will not find it in a bureaucracy. Using the American model of democracy is necessary to inculcate as we imitate. Their founders knew this when they established a system of government. Government was to be one of limited powers, and those powers where divided between three branches, because they did not trust government. The higher object of the government was to preserve and protect personal liberty. The lower object of government was to secure safety and security. The higher object is sometimes sacrificed to the lower object at times of national stress. As we enter the Digital Age new systems and tools are being developed that enable bureaucracies to make determinations about whom and what we are. These determinations are being reached without our knowledge of them, and affect our rights and liberty. We can think of this activity as a kind of Star Chamber, in which individuals are forced to submit answers to questions without knowing the nature of the charges that are being brought against them. When this process is performed using digital databases, without the knowledge or consent of the individual and determinations are reached that affect their rights and liberty, the result is somewhat akin to holding a person in a secret place without charges. The psychologist Eric Erikson deduced that there were 8 stages of life to overcome. All of these stages deal with an individual's sense of personal identity. As we move into the Digital Age, we are in danger of losing control over our own identity, as the result of the uses of information over which we have no control, and which in some cases information is inaccurate, all of which has been compiled by bureaucrats. Government can send us to war, to jail and to poverty. Each of those capabilities can be manipulated for personal or political gain. To the extent that private enterprise has shared in those powers, abuse occurs at least as regularly as it does when there is no private sector involvement. Prior to our entry into the Digital Age, we had moved away from the spiritual and philosophical basis upon which our nation was founded. The guiding concepts were that each of us was created politically equal, and that certain rights were beyond the power of government to regulate. To effect the creation of this system, a government of limited powers was created, deriving its just powers by the consent of the people. The system was derived from a concept of natural law, which saw that each individual was by nature free to do whatever he wanted to do, but that for the advantages to be derived from mutual commerce willing surrendered certain rights. In this scheme of things each individual is a whole; it is government that is limited. Paradigm Shift In Africa abuse of government power occurs as frequently when private enterprise share in power, as when government acts on its own motion. Government power does not operate in the absence of interest groups. Each bureaucracy has an associated private interest that caused the bureaucracy to be created. The difficulty in determining a proper course of action is that the arguments of private interests must be separated from the public interest and weighed in a balance. Many of the problems that we have lately encountered as a continent have their cause in the fact that the public interest, in the form of bureaucracies, have been wedded to private interest groups. A case in point is the American company ENRON. It was prepare to spend millions to finance political candidates than to pay taxes, for in funding candidates it did found it did not have to pay taxes or to be subject to government oversight. A partnership between a private sector company and the bureaucracy affected the loss of the savings of millions of people. The problem in perspective is the power that technology gives, whether it is to government or the private sector. The response to that problem must be a clear set of rules as to what government or the private sector can collect, what they can use it for and how long they can keep it and the individual's right to know what has been collected to and correct it. Additionally, the system must have audit controls that capture efforts to circumvent it. Africans do not understand the nature of the problem because they have no reference point by which to understand it. It is in the interest of business to engage in the processes. It is not in the interest of business to disclose the nature of their actions. The rules that are in place are not being enforced. The people affected by the processes do not know that the process has affected them. The process and the affects are not being disclosed. What I envisage for Africa is to use and manage technology to develop and progress within its various institutions not to reflect an attempt to judge people, and control, manipulate, and exploit them. The Nigeria ID scandal is a point in reference for every African leadership to reflect on and learn from the determination of President Obasanjo. I am really impressed by his courage. From my own knowledge of the industry and assessment, the amount awarded for such a contract is too colossal and exorbitant for such a project. I don't want to go into any mathematical calculations in defence but can wait for an opportune moment for debate. Even the amounts officials were purported to have been given as bribes are pittance to trade their dignity and sovereignty for. I remember a statement from a European boasting that every African leader, politicians and civil servants has a price. You can get anything or contract for the right kickback which you can easily put on your overall figure, in a way the businessman is not loosing anything, it is the government or institution paying more for his requirements. Word to a Wise A point of caution to governments, the big names in the industries vying for African contracts cannot solved the problems or develop the proper concept solutions for our progress. They have been in the continent for the past 30yrs, why is our problem growing rather? They sell us systems that are obsolete, do not meet our standard requirements, infrastructures without services or proper training of our manpower. They do not bring capital injection into our ailing industries, but business plans and management formula we have to pay for. Do you want to tell me there are no competent Africans to develop business strategies that can withstand the local realities? This behaviour is part of the vices that is crippling every development project or vision. I will plead to the African leaders to lead by example setting positive standards in the awarding of contracts giving priority to Africans participating. There are always indemnity clauses if one fails to comply, which means no risk taking as some always complains using this factor of non performance as an excuse. Additionally, as our needs for developments grow I predicted both the scope and potential size of the industry and the awards of contracts will actually grow. We must encouraged by the timely exposure of the Nigeria ID contract saga the selection of our own local consultants and provider of technology services taking the leading role in working hand in hand with big industries and at the same time be a local adviser to government in equipping its bureaucracy making the right decisions which will finally reflects the aspirations and needs of its people. These events in Nigeria as well as others in Ghana are strong indications that leading governments throughout Africa are serious about the threats of corruption, and the impact on the political dispensation and the effect on its image and national security. Conclusion My Statements in this release relates to future plans, events or performance are forward-looking statements reflecting African entrepreneur's current expectations, assumptions and estimates of future recognitions and full participation in the economic realities of the continent. Forward-looking statements are made in projections and advice. Cautions to governments and investors that forward looking statements involve risks and uncertainties that may cause actual results to differ materially from those expressed or implied in such statements. Risks and uncertainties include, without limitation, those related to: the ability of individuals and African Company to prevail in maintaining award of contracts, and achieve targeted purpose. Government and commercial customers; the development of the marketplace for fair play; the ability of the Company to successfully compete for and be awarded certain major domestic and/or international government contracts for products and services; the ability to complete projects development on a successful and timely basis. In our fiscal year between 2003 to 2005 alone, Africa awarded several large contracts for products and services close to $10 billion or more to external companies. While total aid to Africa is well under $2 billion dollars. It is only and approximate, it can be well over figured. This is one of the factors responsible for our economic deficit in annual GDP that cannot correlate our aspirations and budgetary analysis. Our expenditure is greater than our income. Even the aid given goes back to where it came from in terms of condition which we do not have or exercise control over. Beggars have no choice? The way forward is to try and develop coherent policy and programmes that can reflect our potentials, ability, talents and vision for a progressive Africa.
1月3日 SECURITY WHITEPAPERICT SECURITY REALITY INTO 2007 – A Time to be Proactive The one thing you can count on to be constant is change, especially in communication, information, technology, security and business. And, as the pace of change continues to accelerate, executives, stake holders and organizations need to be increasingly agile in the face of sudden market shifts, new competition, changing customer behaviours and fast-evolving technologies, standards and security threats. Agility requires having to change processes and rules more frequently, and constantly finding ways to leverage new types of information and complex new combinations of information -- including existing enterprise information from mainframes, legacy applications and metadata, plus an unprecedented flow of information from outside the enterprise in the form of supplier, industry and customer data. New data collection technologies up-the-ante even further. Web services have dramatically enhanced our ability to collect new types of data from outside the enterprise while Radio Frequency Identification (RFID) initiatives promise new magnitudes of unique real-time data that somehow has to be consolidated, cleansed, transformed and deciphered. Urgent Need to be Proactive Here's the problem: IT complexity is outpacing the ability of governments, businesses and enterprises to keep up. There is now more sources of information to harness, more data to integrate, and more people clamouring for more types of information (faster, better and cheaper) than ever before. IT departments are already challenged to react. Changes in information conditions, requirements and environments are coming too quickly and resources are often too stretched to adapt fast enough. IT departments have reached the point where the only recourse is to shift the burden onto existing systems with people providing the direction. Regulatory compliance, internal attacks, and the vulnerability of electronic communications especially instant messaging and e-mail are among the key factors reshaping data security systems and posing a great deal of threat to Africa`s infrastructures and critical mission systems. Companies and organizations are failing to provide rigorous protection of customer and client data.
Observations: Ø There is no compliance strategy reshaping business and corporate security practices. Ø Security attacks are becoming increasingly more sophisticated, yet basic passwords continue to be the most common line of defence.
Ø Security breaches are increasingly coming from within. (White collar crime)
Ø Vulnerabilities in operating systems and applications - including the use of instant messaging - continue to be common points of entry.
Ø Concern continues to grow over privacy and identity theft, yet organizations are failing to provide rigorous protection of customer data.
Ø Companies are not taking a more structured approach to information security and making it more of a priority. Many companies are beginning to see the benefits in leveraging new technologies to proactively assess and manage threats and vulnerabilities but are not consolidating, integrating and securing applications to improve integrity and productivity.
Ø Regulatory Impact
Ø It is very essential for Africa to adopt compliance requirements like Sarbanes-Oxley, HIPAA, the U.S. Home Security Act and the U.S. Patriot Act to guide and build on national, corporate, commercial and industrial security practices.
Ø Authorities must view regulatory compliance as more of a governance issue than a technology problem.
Ø Government regulations must put pressured on companies and the public and private sector to adopt a more structured approach to information security.
Ø There must be stronger punitive measures and constant threat of government penalties in other to achieving regulatory compliance an information security priority.
Ø Maintaining compliance is a main catalyst of security-related purchases that will make companies and institutions more cautious about their use of security hardware, applications and services.
Ø Security attacks are constantly evolving, making it difficult for to stay one step ahead. Threat Perception and Attacks-are very professional coordinated.
Ø For example:
Ø Malicious intent is a concern. Companies and businesses vulnerability stem from the lack of a well-defined information security strategy or managerial involvement in security practices and policies.
Ø Budget constraints are also responsible for susceptibility to security breaches.
Ø Significant damages attributed to actual attacks - financial losses, security incursions and identity theft - are common.
Ø Planted spyware code, however, has caused slowdowns in network performance and employee productivity.
Ø Viruses affected two-thirds of businesses.
Ø E-mail is proving to be the launching point of assaults, with falsified information in an e-mail attachment as the primary method of attack.
Ø Major financial losses were experienced through out Africa`s congloromats, financial institutions, businesses, private and public sectors, but were kept under the carpet because of the threat of customer`s confidentiality and loss of clientele credibility.
Ø Security Tactics
Ø As a result of the vulnerabilities with instant messaging and E-mail, electronic communication has become a major focus of employee monitoring with attachments and content of outbound messages carefully scrutinized. Basic-user passwords still remain the most prevalent method used by ICT users to protect themselves against security breaches. Informing employees of privacy or behaviour standards, posting privacy policies online and using secure Web transactions are the steps to be taken to safeguard the privacy of customer data. In addition survey reveals that:
Ø There is virtually no effective monitoring of workers.
Ø Less than 2 percent have created the position of chief privacy officer and less than 5 percent have conducted privacy policy audits to ensure there are adequate guidelines. In fact, practices concerning the security of customer data are categorized. Data Security & Cyber Terrorism No business can survive without customer trust. Which we are not taken seriously in Africa. In today's computerized economy, customers trust companies with a lot of sensitive personal and financial information. Any breach of data security that would compromise that trust can have a devastating impact on the company's reputation. More than five years after 9/11, more than half of European and first world business leaders are still worried about terrorism and its impact on the global economy. We are too complacent to risks and threats factor only trying to maximise profits not worried about data security and cyber terrorism. As usual the consequences and loss is always pass on to the consumer in various economic formats. What adequate mechanism have we put in place i.e. a crisis management plan and security plan to ensure early warning signals?
12月28日 Africa’s ICT Revolution-A Dream or RealityCOMMUNICATIONS FOR DEVELOPMENT AND SECURITY Communication is education, education is information and information is progress and development. Any individual, governments, institution or country that is not progressive, is not creative and lacks vision. A people or nation without vision cannot survive or succeed on its own. He is like a blind man waiting to be lead. Africa is always waiting for things to be done, rather than taking the initiative in its own affairs. The state of its communications infrastructures and services today is still nothing to write home about. Very erratic, appalling, systems in chaos and disgraceful management taking into consideration manpower, intellectual, and mineral and human resources which should have given the leverage in making the necessary sustainable investments to move a nation and the continent forward. For as long as we continue to neglect communications and security in technology, we indirectly neglect education and progress. We will continue to degenerate and remain backward and unproductive for not paying rapt attention to the positive global language of ICT. Priority must be endorsed in our fiscal budgetary for communications and technology in security in our educational system and institutions. A mechanism must be put in place:- 1. To regulate and standardised more effectively the industry. 2. Map out a clear agenda for national development and countrywide satellite coverage plans. 3. Commercially viable cost effective projects in line with developmental policies. These issues should be in line with providing and directing investments in communications within a broader spectrum rather than the present status quo making it a privileged rather than a priority. Africa is not getting a fair deal in the global communications stakes because we do not have an African initiative or any viable agenda with a vision. We need to adopt first of all an ICT & SECURITY plan that is inclusive of the ingredients to promote growth, which will in return, brings the profitable dividends. Manpower investments strategies through institutions and the bureaucracy. INVESTMENTS Government must stop looking at communications from a subversive perspective. Because of the lack of effective monitoring infrastructure in place to control communication investments, updated (frequency) management planning facilities, governments tend to be apprehensive to better and radical proposals for partnership, upgrade or overhauling of existing systems. Investors or local entrepreneurs are viewed negatively in their quest to develop proper local independent satellite networks into villages, big towns and cities. African governments must allow the visions of its people and partners to prevail and flourish. This can only be for the benefits of its people and the African continent. CNN is a privately own organisation that started humbly in America by a man called Ted Turner with only a great vision with less initially capital. Today it is the biggest news media in the world incorporating big names in the print media like Times. Who would have predicted that to be possible today? It is not impossible for Africa. We must be more encouraging and positive to others dreams for a better Africa. Looking at long term gains with continuity and benefits for all, rather than the present notion for short term benefits for personal gains with always disastrous consequences. THE FUTURE The scientific approach by Nigeria's plan for its own space programme first and foremost is laudable. The thought must have been born from a vision. And with time, it will be guided to its fruition. It is about time we take up the challenges of today in other to progress tomorrow. Opportunities for communications investments in Africa are so many. The only obstacle is not having a priority and knowing what we really want or need. As I mention earlier, governments with clear cut agendas and standardised regulatory system can attract a lot of investments. PRIVATISATION Privatisation is very good for countries without proper basic infrastructure to serve its populace. How we approach this issue is what should be carefully considered and looked at seriously. Countries must first of all set themselves details of priorities within their communications sector. First of all what are they hoping to achieve by privatising and what is the time factor involve in achieving its objectives. This is very simple without jargons. By having a good deal in privatisation can bring you good results in improving standards of both the infrastructures as well as the local technical manpower skills provided you take into consideration all of the factors that can be geared towards maximising your human resources benefits rather than economic profits which at the end dividend yield cannot be sufficient to train a good local technical manpower base work force for continuity. Creating an affordable programme locally is not a short-term project. As you know in standard banking conditions to obtain loan, the longer term the loan is spread over the smaller the monthly repayments. The interest is determined by day, monthly or yearly payment plan. These as well are factors that at the end can help us in determining our solution in making communications cost effective and affordable. Mobile phones have greater impact in countries without proper local infrastructure for communications. Individuals, businesses, security agencies and institutions have to communicate. With this in mind you have no alternative when there is only one choice a mobile phone. At least it has foster positive dialogue and has contributed greatly to both administrative functions and personal functions. You can only make it better by improving on what is already existing by expansion. Allow only a certain number of operating cell sites within given towns and cities so that other areas can benefit as well. INTERNET AN OCEAN OF INFORMATION The Internet is a more complex issue. Even the developed world still has their own problems regarding the Internet. What we need to do in this instance is not to hype the Internet situation. First of all you need a level of basic education to enjoy the Internet. Taking into consideration our standard and level of education in Africa, it will be very difficult to create an Internet society. Again the financial implications. It is not a cost effective solution for a national plan. Though it must be seriously embanked upon within the institutional framework in its administrations to stay abreast with modern technology, innovations and standards. THE FOURTH ESTATE The African media professionals are nowhere to be seen or heard properly or distinctly only in controversial circumstances. Why not more from the positive perspectives? I always ask myself why? African businessmen must invest in communications, information and technology. This is the future of the world. The African businessman, politician or entrepreneur sees the journalist as his enemy in many circumstance. With this stigma it has made it impossible for investments. Nurturing the notion for a Pan-African network radio and television is a must like the aljeezera TV mainly for the arabs now has gone global. Africa needs it own public image machinery and that is a Satellite TV Network. This is the vision that can take Africa positively into the 21st century in peace and for prosperity. A positive dissemination of news, cultural exchanges, profiles and our kind of democracy must be seen and heard by all. Only then can we assist those that wrong their fellow man and hurt mankind to accept their frailties as human beings and change things which have not worked for us. Not to right the wrongs. The future must be seen from ahead not from behind. We must begin to share our talents, knowledge and resources for the good of us all in general and Africa in particular. Managing Infrastructure & Security“We are driven by our intellectual pride and lack of vision to many vanities failing to address the true ICT security scenario evolving in our societies around Africa”. SJS What lessons has Africa learnt??? In the aftermath of September 11th 2001, protection of Nation's critical infrastructure has become a primary focus for every Government, computers, telephones, mobile and wireless networks have been identified as a key element in nation's communications assets. As a result, communications, information, technology and wireless network security issues have moved to the forefront. In this document we will explore the critical issue of network security, outline solutions to the problems that exist, and allow the industry to identify areas that will require industry resolution. This information is designed for Chief Security Officers, CEO`s, Governmental security agencies, Directors and Senior Managers charged with addressing infrastructures, communications and network security issues. Wireless product operators, government task force and policy makers, network managers and policy representatives will also benefit directly from this blueprint. If super powers like the USA, Britain, Spain and other countries in the developed world can be so vulnerable to acts of terrorism and cyber crimes due to lapses, inefficiencies and deficiencies which were not properly and adequately addressed in their infrastructures could pay such a very high price both in collateral damages and human loss, then why are we not given this development of growing global concern a food for thought in Africa. Sometime ago Kenya and Tanzania were attacked simultaneously, in which many innocent people lost their lives. It was easy to forget. Recently a hotel was bombed and an aircraft was fired upon with sophisticated ground to air missiles. The threat is getting serious, spreading and becoming much more organized. Countries with weaker security infrastructures, poor ethics and lack of positive discipline or initiatives are very much susceptible to these gloomy predicaments that is now slowly shifting to under developing countries classified as SOFT TARGET. Countries of interest to fundamentalist organizations and criminal enterprises are no longer easily accessible for penetrations or attacks because of the lessons learnt from previous lapses, which have been analyzed and corrected putting the right mechanism in place. Africa is never serious with her infrastructural security. It is only when in an emergency situation it tends to respond with every given resource. It does not maintain in architectural designs structural plan that caters for security contingency. We are not talking about fire. In airports, harbours, high rise buildings and other modern construtions, it is imperative and a matter of legal emphasis to ensure that all buildings adequately include in their design proper facilities for its security i.e, CCTV, Access controls, sensors and fire alarm systems as basic features in today`s ICT revolution meeting the realities of modern technology. Airports, seaports and borders are of great concern to any country`s well being, economic stability, development, survival and paramount to national security. It is the gateway and entrance. If you look at the statistics of terrorism, rebel incursions, insurgencies and other acts of criminality, it always emanate from gateways or borders. Below is a blueprint that can enlighten and enable us understand this growing problem in a better and clearer perspective. An home grown concept for an African solution.
State Security, Industrial Security & Private Security The primary mission within an Integrated Security System approach is to assess and analyse the risks and threats that relate to the entire security and operational structure of businesses, industries, governmental institutions, security agencies, domestics and residential, resolve these with the correct technical solutions in a case by case scenario that reflects present realities. There must be included the introduction of secondary measures and structures relating to "Off-Site" and Landside feeder services, suppliers and contractors in organisations, businesses and institutions. There is to be included the evaluation of personnel skills and potential with the subsequent introduction of training programmes directly related to the needs of each department and the individuals within each department - ANY SYSTEM IS ONLY AS GOOD AS THE PEOPLE WHO OPERATE IT! Our solution is to integrate all those systems and parts as established and identified by our local and international Project Management & Coordination Committee/Group, into a single cohesive, fully interactive and integrated system. The systems will range from Fire Alarms to CCTV Cameras & Monitoring Stations, Wireless cameras and other applications including MICROWAVE TRANSMISSION, from CUTE to Biometric Controls and from Weather Information to A.F.T.N. & Public Address (including Autovac), PABX systems with special customise features, PIR detectors, INTRUDER Alarms, ETHERNET, Two Way Radio Trunking System (MPT1327) from 2 channel to 120 channels with encryption and PSTN options in simplex and full duplex mode. There shall also be included the necessity to investigate, design and instigate a cohesive operational strategy - where it does not already exist - encompassing all those relevant bodies and agencies who have a need to be aware of specific data and conditions arising at any time upon and within.
OBJECTIVES 1. Maximise deterrence against Criminal and Subversive Activities (The right choice of equipment). 2. Maximise information for dissemination to all departments and individuals - on a strictly need to know basis. (Mutual understanding). 3. Maximise Proof of Evidence for prosecution. (Capture of criminals). 4. Maximise safety and welfare of all personnel and staff. (Employee well being). 5. Maximise safety and efficiency in respect of movements of Persons, vehicles, cargos and associated operatives. (Tracking of Traffic). 6. Maximise comfort, well being and information systems for the benefit of clients, passengers & VIP's. (The "feel good factor" - they must like what they see and feel in the shop window). 7. Maximise lines of communication and opportunities for access to and by other agencies & government departments. (Interface expansion). 8. Maximise efficiency of management and supervisory structures for incident response, monitoring procedures and operational control (More effective time management that will lead to greater individual and group motivation & identity). 9. Maximise knowledge, awareness and potential of all staff and employees. ( Knowledge = Confidence + Individual Responsibility will lead to a more easily managed workforce more ready and able to identify with their work place =Greater Loyalty which in turn will lead to a more efficient and self motivated workforce). 10. Minimise wrong attitudes. (The integration of the electronics systems in association with added awareness and training would hopefully result in a common bond of loyalty between all staff.). Monitoring Command & Control Centres CCTV & TWO WAY RADIOS GPRS, VEHICLE TAGGING, TRACKING, ALARM MONITORING & RESPONSE
The Risk Factor The general risks, whilst apparent to all, need to be identified in every case. The detailed assessment of any of these risks in relation to any area(s) or group(s) and their bearing on operational and monitoring strategies for maximum efficiency. To be adopted will form the first phase of the consultancy and design programme that will meet the necessary requirements of our clients. We are very proud to put together a team of indigenous and well experienced international experts and consultants in the various categories of communications, information, technology and security in the African region that can easily relate to every case and come up with an home grown solution. We are also dealing directly with manufacturers in our different brand of equipments and services with the fullest warranty and support.
CONCLUSION TransAfrica2000(Ghana)Ltd and IDV (UK)Ltd strategic partnership and concept is now the total solution for all INTEGRATED COMMUNICATIONS TECHNOLOGY AND SECURITY Projects and Specifications for AFRICA. We have now set up in ACCRA, GHANA WEST AFRICA, a modern office and demonstration room with all displays including, DIGITAL CCTV CAMERAS & MONITORS, MULPTIPLEXERS, RECORDERS, ACCESS CONTROL SYSTEMS, SENSORS, PABX WITH PASSWORD, HOTELS & GUEST HOUSES SYSTEMS WITH ALL FEATURES INCLUDING VOICE MAIL, WAKE UP CALLS, CALL MONITORING, ALARM REPORTING etc. Click to Website www.transafrica2000.com www.africasecurityconsortium.com 12月5日 Talking about ICT Security
SECURING AFRICA HOMELAND FUTURE Decentralized ICT Security With Strong Government Oversight Recommended (“without Delay”). Syl Juxon Smith BSc(Admin)Dip.Intl.Trade
Industrial & Commercial Security Consultant (Africa)
Member of ASIS (Advancing Security Worldwide
Meeting today’s modern high-tech solutions, challenges and advancement in governmental, commercial and industrial security with special reference in this whitepaper to Africa`s gateways pertaining to its assets, harbour and airport security is paramount and a priority. African governments must liberalise its critical mission infrastructure (ergonomics) security initiatives and ICT related projects for positive results. Building systems and networking infrastructures such as LAN, MAN, WAN, INTRANET and the INTERNET for greater flexibility and better performance must be directed to the private and business enterprises initiative with professional collaboration rather than existing ad-hoc approach in breach of international conventions, fuelling threats to public safety and international security. Stringent adherence to basic norms and standards in choices of contractors, type of technology and quality of manpower resources must be the criteria in decision making. In return will attract value for money, solid investments, better professional services and expertise meeting international standards conforming to updated rules and regulations. Adopting implementation of a more decentralized strategy for the nation’s critical mission infrastructure is inevitable. Identifying our priorities is essential; developing security plan for technology in all sectors is imperative and mandatory. It forms an integral part of daily agendas and working modus operandi. An home grown mixed, match integrated solution is the key objective, providing upgrade for existing infrastructures, cost effective alternatives for modern concepts meeting local requirements and responding to present global village trends. Greater flexibility and innovative screening process is essential while operating under tight supervision and oversight, over lapping with existing integrated command and control structures is the only way forward. Governments should not concentrate its much needed energy in manning and controlling technological infrastructures but allow town and local councils, commercials and industrial participation in doing so as partners, crucial and essential in building lasting solutions. What security measures can the maritime and aviation sector expect in the next few years?
CONCLUSION My opinion and statements in this whitepaper relates to forward thinking plans, events and performances which are forward-looking statements reflecting African government`s attitudes in outsourcing, entrepreneur’s current expectations, assumptions and estimates of future recognitions and full participation in the economic and security realities of the continent`s Home Land Security initiatives. Forward-looking statements are made in projections and advice based on present global trends in business, technology and security. Cautions to governments, enterprises, public, private sector and investors that forward looking statements involve risks and uncertainties that may cause actual results to differ materially from those expressed or implied in such statements when not observed or addressed comprehensively. Risks and uncertainties include, without limitation, those related to: the ability of individuals and Companies win contracts on merits and to prevail in maintaining its award, and achieve targeted purpose. Government and commercial customers; the development of the marketplace for fair play; the ability of Companies to successfully compete for and be awarded certain major domestic and/or international government contracts for products and services; the ability to complete projects development on a successful and timely basis. A new contract concept approach must be adopted. In advance countries, industrial contracts are in most times selective or nominative. This is because of the high level sensitivity of professionalism and supervision it entails. Once a contract demands design, supply and install, it automatically requires a nominative or selective standards with a Cost Plus formula. The objective of establishing a contract on ‘Cost Plus’ basis is to enable the Employer to justify letting the contract to a specific Contractor without re-tendering the contract. The advantage of a ‘Cost Plus’ contract under present circumstances is that it allows for a completely transparent contract thereby enabling the employer to approve payment having had sight of all of the costs incurred on the contract. Most of the contract is the same as any other services contract, containing the same terms and conditions. The main exception in the ‘Cost Plus’ contract is the method for payment and payment approval. A budget figure is initially submitted and agreed upon, which accurately reflects the cost of the contract plus an agreed percentage fee for mark up / profit for the Contractor. This will remove the tendency of pegging figures to contracts that at the end do not fulfil the requirements or purpose for which the contract was initiated in the first place.
Going for the lowest bidder is not always advisable. It can be a very risky strategy by which governments and businesses can never have full value for money. This can only cause future loss, inferior services and poor maintenance. A retrogressive approach rather than forward looking. At a tender meeting the need for a state of the art equipment and budgetary availability became the contending issue in contrast. Spending less for high tier solution was the objective of the issuer of the tender. At the evaluation meeting, a bidder got up categorically emphasising referring to logic in reference “if you pay for a Rolls Royce I will give you one”, in response the Chairman of the tender committee reiterated “well if it is a Volkswagen I wanted so why not”, then the gentleman finally reply “don’t ask for a state of the art or a Rolls Royce when you know it is not what you are looking for, your statement is quite misleading”. What is evident at that point in exchange of rhetoric’s is the tender chairman and his committee already knowing what they wanted including budgetary expenditure they did not divulge to all the bidders. In a nutshell for future reference, as and advice to the wise, It is rather better from the first instance to go for a nominative bid on a Cost Plus solution when you know your budget limitation. You can negotiate and phase it as and when there is availability of funds by which the objective is not compromised, exposing oneself and the institution or business represented to ridicule and embarrassment.
|
|
|
