e-Government Agency - CTO. Jabiri Kuwe Bakari.… · Introduction e-Government The use of ICT , and...
Transcript of e-Government Agency - CTO. Jabiri Kuwe Bakari.… · Introduction e-Government The use of ICT , and...
THE UNITED REPUBLIC OF TANZANIA President’s office, Public Service Management
e-Government Agency
Delivering Secure, Public-Oriented e-Government Facilities in Africa
A Holistic Approach
Dr. Jabiri Kuwe Bakari Bsc. Computer Sc., Msc. (Eng.) Data comm., PhD.
(CEO) e-Government Agency (eGA)
e-Government Agency - Tanzania
1
Agenda
e-Government Agency - Tanzania
1. Introduction
2. e-Government Facilities in a Nutshell
3. Delivering Secure, Public-Oriented e-Government Facilities
4. Issues and Challenges - African perspective
5. Suggestions to Address the Challenges
6. Conclusion
Introduction e-Government The use of ICT , and particularly the internet, as a tool to achieve better government.
The process involves people, hardware (computers, networks gadgets), software (operating systems and application systems) and systems (combination of hardware, software and people).
The arrangement requires reliable and secure communication infrastructure to facilitate exchange of information, skilled staff and presence of appropriate e-legislations
e-Government Facilities These are general systems and components needed to create the necessary e-
government offerings, such as software, hardware, infrastructure and other e-services platforms.
ICT/e-Government Security The protection of information systems against unauthorised access to or
modification of information, whether in storage, processing or transit, and against
the denial of or absence of service to authorised user or the provision of service to
unauthorised users, including those measures necessary to detect, document, and
counter such threats.
It covers information, infrastructure, processes, systems, services and technology.
e-Government Agency - Tanzania
© e-Government Agency
4
Infor. System in Various Public Institutions
1-Secured information systems within The public institutions
2 Secured infrastructure between the public institutions
Public services available through
Various platform/service providers
Public getting various services
through Various platform/ service providers / operators
Private Cloud Use of Shared resources, systems, Data centres,
secured infrastructure etc
e-Government in a Nutshell
e-Government Agency - Tanzania
5
Hardware
Operating
system
Applications
Store
Process
Collect
Communi
cate
Hardware
Operating
system
Applications
Store
Process
Collect
Communi
cate
Operational
Procedural Operational
Procedural
Mechanical/Electronic
Mechanical/Electronic
Administrational
Managerial Administrational
Managerial
Legal/ContractualLegal/Contractual
Ethical/CultureEthical/Culture
Database
(Various business
records etc. )Database
(Various business
records etc. )
e-Government Facilities in a Nutshell
Valuable asset of public
Institution-Information Valuable asset of Public
institution -Information
Software (Operating
systems, Application
software) set of
instructions
ICT eGov
Private Cloud
•It is about business processes, enabled by ICT, taking place within and between different public
institutions
•It is about collecting, processing, storing and exchanging information within and between different
public institutions
e-Government Agency - Tanzania
6
Hardware
Operating
system
ApplicationsStore
Process
Collect
Communi
cate
Hardware
Operating
system
Applications
Store
Process
Collect
Communi
cate
Operational
Procedural Operational
Procedural
Mechanical/ElectronicMechanical/Electronic
Administrational
Managerial Administrational
Managerial
Legal/ContractualLegal/Contractual
Ethical/CultureEthical/Culture
• Information security is about protection of ICT assets/resources in
terms of Confidentiality, Integrity and Availability – (information
and services)
Malicious software (Virus,
worm or denial-of-service
attack, Backdoors, salami
attacks, spyware, etc.) can
be introduced here !
Holistic Approach
required
Database
(Various business
records etc. )
Database
(Various business
records etc. )
Valuable asset of the Public
institutions -Information
Valuable asset of the public
institutions-Information
Delivering secure, public-oriented e-Government
facilities
Physical security of
the hardware
Authorised user
abusing his/her
privileges e.g.
Disgruntled staff
e-Government Agency - Tanzania
7
Issues and Challenges
1. Cultural and Ethical Challenges
User behaviour - Culture of “sharing”
Unethical behaviour,
2. Legal Challenges
Lack of Legal framework necessary to avail e-
government services to citizenry
e-Government Agency - Tanzania
8
Issues and Challenges…
3.Administrative and Managerial Challenges
Existence of perception gap between the decision
makers and technical staff on ICT security. Thus,
difficult in getting Strategic Management's Backing.
Inadequacy of well structured ICT
departments/units, with appropriate skills and
strategically positioned within public institutions.
Lack of competent and vetted human resource to
effectively deal with ICT security.
Inadequate collaboration between the ICT
departments in public institutions and the e-
Government entity
Acquisition of e-government solutions which are
not derived from institutions requirement (vendor
driven)
e-Government Agency - Tanzania
9
Issues and Challenges…
4) Operational Procedure Challenges
Absence of ICT security policies,
standards and guidelines both at
national and organizational levels
5) Technical Issues
Software, hardware and network
vulnerabilities coupled with Inadequate
management, control and maintenance
of ICT
E-Government systems not integrated –
exchange of information between one
system and another system is facilitated
by user
e-Government Agency - Tanzania
Suggestions to address the Challenges
At a Strategic Level
• Knowing and acknowledging the problem/ issue
• Bridging the gap between decision makers and technical staff
• ICT security concerns should be addressed in the initial planning of e-government initiatives
• Formulating ICT Security strategies at national and organizational levels
• ICT security challenges should not be dealt in isolation, instead holistic approach is required.
• Putting in place coherent legal and regulatory frameworks - Whole process of e-Government need to be guided by sound legal and regulatory environment.
e-Government Agency - Tanzania
Suggestions to address the Challenges
At Tactical and Operational Level • HR: Involving skilled and ethical personnel during
acquisition, installation and operationalization of e-government
• Capacity building and awareness raising
• Implementing ICT Security strategies at national and organizational levels
• Use Standards and Best Practices
e-Government Agency - Tanzania
12
A Holistic Approach for Managing ICT Security in Organisations
Strategic (Top)
Management’s
Backing
(GL-01)
Technical
Management's
Backing
(GL-02)
Quick
Scan
(GL-04)
Form
Project
Team & Plan
(GL-03)
General
Management’s
attention &
Backing
(GL-05)Risk
Assessment/
Analysis
(GL-08)
Mitigation
Planning
(GL-09)
Develop
Counter
Measures
(GL-10)
Operationalisation
(ICT Security
Policy, Services &
Mechanisms)
(GL-11)
Maintenance
(Monitor the
Progress)
(GL-12)
Review/Audit
ICT Security
(GL-06)
Awareness
& Backing of
General staff
(GL-07)
INTERNALISED & CONTINUOUS PROCESS
INTRODUCTION OF ICT
SECURITY MANAGEMENT
PROCESS (INITIALISATION)
The Organisation
The Organisation’s goal & services
Sta
nd
ard
s a
nd
Be
st
Pra
cti
se
s
Th
e O
rga
nis
ati
on
’s c
ult
ure
& b
eh
av
iou
r
The Environment
Stakeholders
Pu
blic
in
fra
str
uc
ture
s
Th
e O
rga
nis
ati
on
’s s
tru
ctu
re
Presented in a book: ISBN Nr 91-7155-383-8
e-Government Agency - Tanzania
Each process maps the Holistic View of the security challenge
Mechanical/Electronic
Applications
Operating
system
Hardware
Store
Process
Collect
Commu
nicate
Social
Technical
Holistic view of ICT
Security Problem (SBC)
Ethical/Culture
Legal/Contractual
Administrational
Managerial
Operational
Procedural
People
Users
Valuable asset-
Information
Database
(Various business
records etc. )
Process
(GL - X)
e-Government Agency - Tanzania
A holistic approach for managing ICT security is required for public-oriented e-
Government facilities to be secure!
General Management
Mechanical/Electronic
Applications
Operating
system
Hardware
Store
Process
Collect
Commu
nicate
Social
IT managers &
Security Personnel
Technical
Holistic view of ICT
Security Problem (SBC)
Ethical/Culture
Legal/Contractual
Administrational
Managerial
Operational
Procedural
People
Users
Perception Problem
Valuable asset-
Information
Database
(Financial, customer
records etc. )
General Management
This is a technical
problem
Lets have the best Firewall,
Antivirus etc.
This is a business
Problem
Depending on organisation structure -
The general management team may
comprise of CEO, Assistant to CEO,
All Directors, and all CXOs from major
units which are not Directorates
e-Government Agency - Tanzania
END
Thank You for Listening
15 e-Government Agency - Tanzania