Letter from our CEO
Dear iColo partners,
As we enter into the final phase of the completion of our Mombasa One Data Center (MBA1), I am excited to share with you some of the activities that are scheduled to happen within the next couple of months before we officially launch MBA1.
Our generators, electrical boards and UPS’s have been shipped out from Europe on 14th April. The shipment is expected on site in Miritini by mid May. We have two containerised 1.2 MVA Gensets, fuel storage system, and main control system . Also included are two PX500 UPS’s and low voltage boards from Schneider Electric.
The building is progressing well and the final finishes are on going. Currently the doors are being installed, openings in walls for cable trays and services are being made, the inner roof is being closed and the trenching work is on going.
During the coming month we expect the building to be completed, electrical gear and Gensets to arrive on site and installation to begin. The mechanical and electrical fit out will continue and ISPs will begin pulling fibre to site.
Thank you for your continuous support. We look forward to sharing more details on the progress of MBA1 as we closely approach the launch date.
PCI DSS and ISO27001 Certified
Data center operations are becoming more challenging and traditional data center security approaches that have been used in the past are not appropriate anymore. Customers will always want to be ensured that their data –wherever it is hosted will be protected and monitored in the most secure environment possible.
Data center security is a vital component for us because we are aware of the risk exposure and the vulnerability to operational, financial and reputational damage. Our information security governance ensures that our security standards support business objectives, manage risks appropriately and are consistent with applicable laws and regulations.
We are working with Infosents to implement Payment Card Industry Data Security Standard (PCI DSS) certification and Information Security Management (ISO27001). A PCI Security standard offers comprehensive standards and supporting materials to enhance data security for card payments. This framework provides measures that will allow safe handling of cardholder information at every step.
ISO27001 is an international certification that ensures that information security in our data center is at the highest level. iColo will be certified by 1st August 2017 and will be the first data center in East Africa to be ISO27001 compliant.
Our information security vendor Infosents is a vendor neutral information security consulting services company based in Nairobi. They offer clients a range of IT services: IT forensics, investigations, penetration testing, and information security related project management and compliance certification services. Their core customers are organizations, which are most vulnerable to risk should they be affected by information security incident.
This month we sat down with Fayaaz Ayoub, CEO of Infosents to tell us more about their information security services:
- What requirements does an organization need to meet to get certified and what is the process? PCI DSS and ISO certifications are the pinnacle of information security certifications in the world today. Both certifications give assurance that the organisation has implemented controls that are effective in managing security for their customer’s data and the facilities that the data is stored in. With regards to the process, the reviews are very rigorous as we have to assess the design, implementation and operating effectiveness of the entity’s internal controls against global tried and tested standards. This is done from a process, people and technology point of view. The general process for certification is a bench marking exercise of the current environment against the standard, followed up with remediation and finally a certification audit.
- As an organization, what is your take on working with iColo and being part of the journey certifying our data centers as PCI DSS and ISO27001 compliant? iColo has taken a bold step in obtaining the certification. iColo will be the first data center in East and Central Africa to be PCI DSS and ISO27001 certified. With the rigorous processes that come with not only obtaining but also retaining the certifications, iColo will be the gold standard in not only maintaining but also managing the security of their data centers and the client data stored and processed therein.
- Which organizations have you worked with previously? We recently certified Equity Bank to be the first bank in east and central Africa to achieve a PCI DSS certification. We also ran the vulnerability management program for one of the largest ATM management entities in east Africa. We have a wide diversity of clients from financial institutions, insurance companies and NGOs. Our clients are in Kenya, Uganda, Tanzania and South Africa. Some of our clients include:
- Cooperative Bank
- I&M Bank
- Action Aid
- Compuscan South Africa
- Equity Bank
- Victoria Commercial Bank
- Blowplast Group
- Gulf African Bank
- How do organizations benefit from getting certified? Firstly, with the certifications firms have documentary evidence that their environment is secure. It shows that the design, implementation and operating effectiveness of internal controls meets world-class standards. The certification also benchmarks the organisation against their peers globally.
- How will the certifications help icolo in an overall outlook? We believe the certifications will set the stage for iColo to not only secure its environment but also give its current and potential clientele the assurance that their data and assets will be protected. In addition, the company will be able to assure its clients that they have been certified to one of the best global standards when it comes to information security.
Connected Kenya Summit
This past April icolo attended the annual Connected Kenya Summit organized by the ICT Authority that took place in Diani. The genesis of the summit can be traced to the needs to harmonize the ICT industry within the country. As such, Connected Kenya has come into its own and manages to draw together key industry players from the private and public sector that work together and exchange ideas to propel the country forward.
Traditionally, before the commencement of the summit a theme is pushed forward and this year the key theme was “Shaping the Future”.
It was made abundantly evident at the summit that “Internet of Things” (IOT) is shaping Kenya’s future, particularly in the education and agriculture sectors.
As another notable highlight was the growing presence of the cloud market in the region. Having gained significant traction over the past years, the cloud market is contributing to the country’s national development.
With the impressive growth being experienced and Kenya being slowly nudged towards a digital economy, a recurring topic that eventually topped the summit agenda was cyber security. Across Africa, a staggering sum of $2 billion was lost to cyber attacks in 2016. Within East Africa, Kenya topped the chart with the highest losses recorded at $171 million. Tanzania followed having lost $85 million while Ugandan companies lost $35 million (Serianu’s Cyber Security Report 2016). As financial institutions migrate to the digital landscape, they expose themselves to black hat hackers who have grown considerably over the past few years
According to Cisco’s Annual cyber security report, over 30% of companies that experienced a breach in 2016 reported over 20% loss in customer and revenues. (Cisco, 2017)
Speaking during Connected Summit 2017, Cisco regional General Manager, David Bunei said the increasing use of cyberspace and digital applications posed its own challenges, which are however, outweighed by the opportunities. He encouraged CEOs to make cyber security a business priority. Bunei attributed the wide spread adoption of cybercrime to the following:
- Budget Restrictions,
- Poor compatibility of systems
- Lack of educated and trained cyber security specialists
Towards the conclusion of the summit it was agreed that efforts were to be made to tackle cybercrime head on and to reduce its impacts. The ICT sector also called on legislators to enact more laws to secure the cyberspace. Another resolution stated is to pursue the development and recommendations of policies and regulatory interventions necessary to ensure citizen data will bring mutual benefit for both Government and Private sector.
Additionally, the Cabinet Secretary Joe Mucheru launched Ajira Digital Project in collaboration with the Rockefeller Foundation and Kenya Private Sector Alliance (KEPSA). Ajira Digital is an online platform aimed at leveraging online opportunities to create jobs for Kenyans. The project has been initiated with a KSH100 million grant. The online platform is aimed to make Kenya a freelance capital. Speaking at the summit, CS Joe Mucheru said that the grant would be used to train up to 10,000 youth through the KEPSA. He also said that 1160 innovation hubs would be built across the counties to spearhead the implementation of the program.
Written by: Sajid Vayani
Cloud Infrastructure in Africa
In February this year, our team had the opportunity to attend a flagship technology event in Nairobi Kenya NexTech Africa brought together tech leaders, Microsoft engineers, Kenyan developers and entrepreneurs to discuss development and deployment of locally relevant technology. Themed ‘Building For Africa’, the event aimed at helping African Entrepreneurs solve many business and market related challenges across all business sectors.
The event was a great opportunity for Africans to collaborate with technology leaders from Microsoft and across the world, explore local innovations that are making a global impact and advance the discussion on what it means for technology to be innately African.
Our CEO, Ranjith Cherickel spoke about ‘Cloud Infrastructure in Africa’. The African continent is set for significant cloud adoption. Africa is seeing an emerging Information Technology industry, which is looking to serve its customers and businesses through cloud-based applications. Governments and non-government organisations are relying on cloud based technologies to help transform their economies. The high ratio of internet users connecting with mobile devices makes the continent a prime candidate for cloud computing.
The talk focused on cloud infrastructure from an African prospective and how we are going to build cloud in Africa where we can compete with other advanced markets or where we can have services that we deliver to the end users.
To learn more about ‘Cloud Infrastructure in Africa’ you can watch our CEO’s speech at NexTech Africa