[kictanet] Day 4 of 10:- IG Discussions, Internet Security.

Patrick Mburu patrick.mburu at gmail.com
Fri Aug 15 18:13:07 EAT 2008


Good afternoon ladies and gents,

Information security... one query i had been asking myself for years.. is
how can we be sure we take the necessary measures to ensure "my" information
is safe...however this has always fallen on the higher side... especially
now in a strange world of buying all types and goods and services from as
far as Brazil and know it will be delivered right to my door.  One element
remains is *how safe* is my or any of your information and details in
the virtual world...and what is being done to protect it once its there...
Just looking back a couple moth ago, we saw with the safcom IPO when all (or
maybe just me..) there was a loop hole to see what person had on a
portfolio... ofcourse this could be downplayed.. but just for example...

Information is only too powerful a resource that we all in different
capacities hold dear...once in the hand of others we may feel violated /
vulnerable... similar as being burgled in a way...someone being able to walk
right through my front door and check on my personal files.. take what they
need and do what they will... so information security surely needs to be
tackled and or awareness to consumers and businesses;

I think one area for review is this area of authentication of actual users
and at the varios portals that are currently popping up in all avenues... as
Mich and other colleagues have already indicated... u never know what site u
may be logging onto and giving your access codes to the online mwizi...

With that said e-commerce is here to be embraced... and most definitely for
development...using whatever technologies or combination there are on the
market to promote this...but with customer / consumer information at
risk... i think the one main focus point is on the ample meausre's needed
to ensure security of customer information...

 Given the ever growing rate in internet and or e-fraud instances currently
experienced in Europe, US, etc.., one of the main reported cases of internet
fraud is through identity fraud... i think as we embark on this new trend of
business and convenience.. we could assist in eductating the community
locally...regionally.. on the potential threats... and thereof....

Ok prior to proposing a possible solution through this.. and respecting this
as a discussion fora... i will first seek permission to :-)

Just FYI: heres some information / statistics on cyber crime:
http://www.tamingthebeast.net/blog/ecommerce/internet-fraud-statistics-0207.htm
http://securosis.com/2008/06/09/new-identity-theft-stats/

Kind regards,

Patrick Mburu
Director - IT
www.ats-africa.com
*"Prevention is better than cure..."*

2008/8/15 Judy Okite <judyokite at gmail.com>

> Michuki,
>
> I do agree with you,very few onliners, think about security,when they are
> online. examples:
>
> 1. How many people,do actually read the End User License Agreement on the
> websites,especially,when installing softwares? the link below should make a
> good read.
>
> http://www.pcpitstop.com/spycheck/eula.asp
>
> 2. Should there be or is there a policy,when  it comes to changing a domain
> name?
>
> When one types; www.nationmedia.com you are redirected to
> www.nationmedia.co.ke....I check this website everyday....one day it was so
> slow loading...then...walaa...its .co.ke....if we dont take the time(maybe I
> missed it) to let our users know of the changes....then, what will happen
> when when Kenya gets into serious E-commerce? I believe we need to start
> now,to build trust online,it may seem like a small thing,but it will go a
> long way.
>
> e.g what is the difference between www.safaricom.com and
> www.safaricom.co.ke?
>
>
> I)     The Jurisdiction and Arbitration of eCriminals e.g. How would one
> resolve a case where a Kenyan ISP is hosting an eCommerce site that sells
> content that is declared illegal in Germany (e.g Hitler's paraphanallia).
>  Can/Should the Germans shut down the Kenyan business site?
>
> Well,I think the Yahoo and France on the Nazi case was a great eye opener
> in this regard, but what does that mean.......if the Germany decides to
> filter ccTLD(.KE)...then all Kenyan businesses loose.....not a very wise
> option! the ISP's will have to be responsible for the contents they
> display??.
>
> Kind Regards,
>
>
>
>
>   On Thu, Aug 14, 2008 at 8:05 AM, John Walubengo <jwalu at yahoo.com> wrote:
>
>>  Morning all,
>>
>> Looks like very little response on yesterday's topic...where's Waudo
>> formerly WGIG member?  Nway, today's IG theme is the one with the most
>> consensus across all stakeholders.  The fact that the internet is becoming a
>> place to place to work, live, pray or play is widely acknowledged and hence
>> the consensus on the need to protect it.
>>
>> The global and borderless nature of the Internet means that a secure
>> internet needs a concerted global effort as earlier mentioned by Brian.  A
>> very secure US-territoial Internet is of no use if for example the
>> Africa-territorial Internet is insecure since phising attacks, viruses,
>> spam, eFrauds and other destabilizing conditions can be launched from there.
>> Spam for example is known to constitute over 60% of email traffic on the
>> Internet, which is a fairly significant chunk of Internet Bandwidth and
>> Server Processing power going to waste.
>>
>> The main internet security debate that cross-cuts into legal/social
>> baskets often centers around:
>> I)      How the Internet Protocol (IP) could be improved so as to
>> trace-back the origin of the Spammers, eFraudsters, and other criminals.
>>  This may demand implementing IP tools that require all internet services
>> (email, dns, web, etc) to be digitally signed - a feature that would come
>> with some overheads (Mich could again assist here on which overheads these
>> could be)
>> II)     The Jurisdiction and Arbitration of eCriminals e.g. How would one
>> resolve a case where a Kenyan ISP is hosting an eCommerce site that sells
>> content that is declared illegal in Germany (e.g Hitler's paraphanallia).
>>  Can/Should the Germans shut down the Kenyan business site?
>> III)    The delicate balance between pursing security and respecting
>> citizen rights. To what extent should governments go into private emails,
>> phone-logs, etc, in order to safeguard national security? Or what should be
>> the mandatory procedures required of Businesses to safeguard sensitive
>> electronic data of citizens?
>>
>> Plse feel free to add, clarify, object or modify the above.  More
>> importantly think of what would be an E.African position on the issues.
>>
>> As usual, 1day on this theme.
>>
>> walu.
>>
>>
>>
>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>
>> This message was sent to: judyokite at gmail.com
>> Unsubscribe or change your options at
>> http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com
>>
>
>
>
> --
> "Do not go where the path may lead, go instead where there is no path and
> leave a trail."
> ~ Ralph Waldo Emerson
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: patrick.mburu at gmail.com
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/patrick.mburu%40gmail.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20080815/b4e69952/attachment.htm>


More information about the KICTANet mailing list