Upload
cioeastafrica
View
242
Download
0
Embed Size (px)
Citation preview
8/3/2019 GDC - Magero Gumo
1/11
CIO 100 SYMPOSIUM
GOVERNMENT DATA CENTER
November 2011
Magero Gumo
Director, Shared Services
8/3/2019 GDC - Magero Gumo
2/11
Background
Started in 2008
Benchmarks in South Africa and Schengen China
Capacity Building was carried out as the GDC wasbeing implemented
The Facility is located 20 km from the City Centre inhighly secure environment
Investment from a concession loan from the PeoplesRepublic of China
8/3/2019 GDC - Magero Gumo
3/11
Page 3
Public Service Zone Internal Common Zone Ministry ZonesFinance Ministry Immigration
Ministry
Core Router
Aggregation Switch
Core Router
FirewallFirewall
IDS
IDS
Load Balance
IDS
Internet
Storage and Backup
SecondaryDC
Core Router
2.5G Pos
SAN
KVM
FE
GE
2.5G POS
T3
Customer Operation
Remote Access
FirewallKey (MA5200F) Firewall
VPN
VPN Router
Firewall
Access SwitchAccess Switch
Network Monitor
Access Switch
Aggregation Switch
Architecture
Firewall
Maintenance Area
Core Router
Firewall
Aggregation SwitchAggregation Switch
Aggregation SwitchAggregation Switch Aggregation Switch
Aggregation Switch
Government Internal OA System
Load Balance
Load Balance
Load Balance
GCCN
ProxyMailDNS Web
KVM Switch
Access Switch
KVM Authentication Server
Network Management System Server
8/3/2019 GDC - Magero Gumo
4/11
WhyWhy??Increased IT demand
Increasing storage needs
Increasing powerconsumption
Data center expansion
Increasing cost pressures
Reducing costs is
increasingly a priority
Power costs are rising
Data center operatingcosts are increasing
Responsiveness to change
Technology densities
growing
Data centers are aging
Power and cooling needs
8/3/2019 GDC - Magero Gumo
5/11
Value Proposition
PreventPrevent ProtectProtect ManageManage RecoverRecover
Services to assessand plan for a resilientgovernment
infrastructure
Services toremotely store,protect & recovervital governmentinformation
Services to providefault-tolerant, failure-resistant infrastructure
with near-zerorecovery times
Services torecover business &technology
following anegative event
IT Recovery
Continuity & Resiliency Services
Tape Backup Services Replication/MirroringServices
Work Area Recovery
8/3/2019 GDC - Magero Gumo
6/11
Layers of Resilience
StrategyStrategy
Crisis management process
Articulated governance model
Resilience used as competitive advantage
ResilienceStrategy
OrganizationOrganization
Command center identified
Geographic diversity of staff Defined roles and responsibilities
Continuity Plan
ProcessesProcesses Identify most critical processes
Contingencies integrated into all critical processes Key links with external companies
Business ImpactAnalysis
Applicationsand DataApplicationsand Data
Mirroring for critical data
Remote backup facilities Backups of workstation data for mobile workers / counties
DataManagement
TechnologyTechnology Server and storage virtualisation Rapid Server provisioning
Specialist Recovery Expertise
IT Recovery
FacilitiesFacilities Govt Data Centre
Disaster Recovery Construction
Continued network access to MDAs
Work Area &Data Centre
8/3/2019 GDC - Magero Gumo
7/11
As an analogy to its medieval predecessors, IT securityrequires a well-tuned and well-placed mix of differenttechnologies.
7
Implementation
Definition of standards;Choice and implementation
of technology, managementprocesses and procedures
OperationSecurity education andawareness programs forend users; implementationof operational processesand procedures
Setting conditions for informationsecurity derived from business goals,
their documentation, communicationand organizational responsibilities
Policies, Org.
Risk
Classification of assets;identification of threats to assets,their impacts and associated risks
Effective and efficientinformation security
program
Audit
Assessment of degree ofcompleteness of implementationand effectiveness of informationsecurity measures
Security
8/3/2019 GDC - Magero Gumo
8/11
Dont forget to activate the human firewall rulesneed to be communicated and employees need to be
made aware of them and sensitized as to their content
and reasoning.
+
GovernmentGoals
Information SecurityPolicy
Issue-based Security Policiese.g. Internet, e-mail, remote access, backup
Standards, Processes, Procedurese.g. client and server configuration for
Windows and UNIX, user administration,backup, incident handling, network access
8/3/2019 GDC - Magero Gumo
9/11
9
100 percent security or assurancecannot be achieved
8/3/2019 GDC - Magero Gumo
10/11
but we as a government are trying to dowhatever is ...
technically feasible and
practical,
economically reasonable,
legally required, and
socially acceptable.
8/3/2019 GDC - Magero Gumo
11/11
Questions?