<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Wingdings;color:#1F497D">J</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><a name="_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></a></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif""> kictanet [mailto:kictanet-bounces+nasser.kettani=microsoft.com@lists.kictanet.or.ke]
<b>On Behalf Of </b>Mouz via kictanet<br>
<b>Sent:</b> vendredi 25 juillet 2014 12:41<br>
<b>To:</b> Nasser Kettani<br>
<b>Subject:</b> Re: [kictanet] Stung by cyber attacks, State resolves to host websites locally<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">The ICT principal secretary,the National Intelligence Service, Kenya Defence Forces, CID, CAK director-general and ICT Authority chief executive think state websites can be made secure simply by moving them to Kenya! We should be very worried!
God-forbid that these hackers should get ideas of hacking other government systems that are more crucial to us, we will be annihilated!
<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On 25 July 2014 14:32, Brian Munyao Longwe via kictanet <<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<div>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Good step by Government.<o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">First advantage, no foreign government can gain access to our government's content though legal (or illegal) intercept.<o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt">There will be growing pains as these are preliminary baby steps - but it is a move in the right direction IMHO<o:p></o:p></p>
</div>
<p class="MsoNormal">Mblayo<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><o:p> </o:p></p>
<div>
<div>
<div>
<p class="MsoNormal">On Fri, Jul 25, 2014 at 11:25 AM, Adam Nelson via kictanet <<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a>> wrote:<o:p></o:p></p>
</div>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<div>
<div>
<p class="MsoNormal">It looks like the sites will be hosted by CAK internally. Of course, that's a recipe for monoculture and some serious problems around stagnation of eGovernment products. Smarter would be:<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">1. Have compulsory training on basic security for all government employees who work in an office.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">2. Get all government employees on a modern OS (OS X Mavericks, Windows 8, Ubuntu 14.04, Android 4.4, iOS 7, etc..). Any hardware than can't support these OSes should be auctioned off.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">3. Turn on two-factor authentication wherever possible<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">4. Aside from totally sensitive information (CBK, MoD, office of President), put everything on a local public cloud like Kili (<a href="http://kili.io" target="_blank">http://kili.io</a>).<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">5. Use vendors to do application implementations that are NOT the hosts of the application (i.e. Seven Seas should implement but not be the host and Kili should host but not write the application - this prevents lock-in and staleness which
leads to security holes).<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">6. For deeply sensitive stuff, deploy private clouds that are not connected to the Internet. Some vendors locally can do this (including Kili of course).<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">-Adam<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><br clear="all">
<o:p></o:p></p>
<div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Arial","sans-serif"">--<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Arial","sans-serif"">Kili - Cloud for Africa: <a href="http://kili.io/" target="_blank"><span style="color:#1155CC">kili.io</span></a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Arial","sans-serif"">Musings:<a href="https://twitter.com/varud" target="_blank"><span style="color:#1155CC"> twitter.com/varud</span></a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Arial","sans-serif"">More Musings:
<a href="http://varud.com" target="_blank">varud.com</a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Arial","sans-serif"">About Adam: <a href="https://www.linkedin.com/in/adamcnelson" target="_blank"><span style="color:#1155CC">www.linkedin.com/in/adamcnelson</span></a><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On Fri, Jul 25, 2014 at 11:05 AM, Mwendwa Kivuva via kictanet <<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a>> wrote:<o:p></o:p></p>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0cm 0cm 0cm 6.0pt;margin-left:4.8pt;margin-right:0cm">
<div>
<p class="MsoNormal">All State-owned websites will be hosted locally in order to curb rising cases of cyber security attacks.<br>
<br>
This was a key resolution at a crisis meeting held on Thursday between top security officials and the Ministry of ICT.<br>
<br>
Held at Communication Authority of Kenya (CAK), the meeting was called to discuss the safety preparedness of the government to handle cyber attacks.<br>
<br>
It comes just days after hacking of the Kenya Defence Forces’ social media accounts including the official email account of the military spokesperson Emmanuel Chirchir.<br>
<br>
In attendance were ICT principal secretary Joseph Tiampati, representatives of the National Intelligence Service, Kenya Defence Forces, CID, CAK director-general Francis Wangusi and ICT Authority chief executive.<br>
<br>
<a href="http://www.nation.co.ke/business/Cyber-Security-Attacks-ICT-Ministry/-/996/2396632/-/g6u9p4z/-/index.html" target="_blank">http://www.nation.co.ke/business/Cyber-Security-Attacks-ICT-Ministry/-/996/2396632/-/g6u9p4z/-/index.html</a><br>
<br>
<br clear="all">
<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">______________________<br>
Mwendwa Kivuva, Nairobi, Kenya<br>
<a href="http://twitter.com/lordmwesh" target="_blank">twitter.com/lordmwesh</a><o:p></o:p></p>
<div>
<p class="MsoNormal"><span style="font-family:"Arial","sans-serif";color:#292F33">"There are some men who lift the age they inhabit, till all men walk on higher ground in that lifetime." - Maxwell Anderson</span><o:p></o:p></p>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><br>
_______________________________________________<br>
kictanet mailing list<br>
<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a><br>
<a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
<br>
Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/adam%40varud.com" target="_blank">
https://lists.kictanet.or.ke/mailman/options/kictanet/adam%40varud.com</a><br>
<br>
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT
enabled growth and development.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or
qualifications.<o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
_______________________________________________<br>
kictanet mailing list<br>
<a href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a><br>
<a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal">Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/blongwe%40gmail.com" target="_blank">
https://lists.kictanet.or.ke/mailman/options/kictanet/blongwe%40gmail.com</a><o:p></o:p></p>
<div>
<p class="MsoNormal"><br>
<br>
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT
enabled growth and development.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or
qualifications.<o:p></o:p></p>
</div>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal"><br>
_______________________________________________<br>
kictanet mailing list<br>
<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>
<a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
<br>
Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/mouzmuyer%40gmail.com" target="_blank">
https://lists.kictanet.or.ke/mailman/options/kictanet/mouzmuyer%40gmail.com</a><br>
<br>
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT
enabled growth and development.<br>
<br>
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or
qualifications.<o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"><br>
<br clear="all">
<br>
-- <o:p></o:p></p>
<div>
<div>
<p class="MsoNormal">./mouz<o:p></o:p></p>
</div>
</div>
</div>
</div>
</body>
</html>