Remarks Adam Montserin CEO, iGovTT 2 Re-Cap of Last Meeting Update on GovNeTT RFP Status of the eGIF Policy By Kevin Ramcharitar Solution Architect Office,

2 Remarks
Adam Montserin, CEO, iGovTT

3
• Re-Cap of Last Meeting
• Update on GovNeTT RFP
• Status of the eGIF Policy
By Kevin Ramcharitar, Solution Architect Office, Consulting Unit

4 Draft Policy
Information & Communication Technology & Systems Specifications Approval
Denyse White, Consulting Unit
28 March, 2013

5
• Limited IT professionals throughout GoRTT
• Administrative/Operational role of National Information Systems Centre
• Process established in 1990
• NISC subsumed by National ICT Centre 20??
• Responsibilities retained by iGovTT 2010

6 Current State
• IT professionals prevalent throughout GoRTT
• Strategic advisory role of iGovTT
• Policy last revisited in 2006
• Incorporated within the CTB regulations

7
• Inconsistent adherence to the process
• Time delays to GoRTT agencies
• Value add vs. resource allocation – iGovTT

8 Stakeholders
• Ministry of Finance
• Central Tenders Board
• Permanent Secretaries (Equivalent Accounting Officers)
• ICT and Procurement Specialists

9 Governance
• iGovTT: Bi Annual Update of Specifications
• GoRTT Agencies: Compliance Sign Off
• Permanent Secretary: Procurement Approval
• Ministry of Finance: Release of Funds for Expenditure

10 Compliance Sign-Off

11 Exception Governance
• GoRTT Agency: Request review and approval
• iGovTT: Review and Provide Recommendation
• Permanent Secretary: Procurement Approval
• Ministry of Finance: Release of Funds for Expenditure

12 Primary Questions
• Do you agree with the purpose as defined in the ICT and Systems Specifications Policy?
• Should there be any inclusions or exclusions to the scope?
• Are there any other legislation or guidelines that should be included for consideration in the adoption of the policy?
• Do you agree with the objective of establishing this devolved authority?
• Are there any other areas that should be included for consideration?

13 Consultation Process
• Consultation Document Circulated
• Feedback timeframe – 3 weeks from issuance
• Feedback submitted via
  – Email - Denyse White – denyse.white@igovtt.tt
  – General Comments on Secure Log In Site - http://www.igovtt.tt/members/
  – Print Copy
    Denyse White
    National Information and Communication Technology Company Limited (iGovTT)
    52 Pembroke Street
    Port of Spain
    624-8001 (fax)

15 Thank You
iGovTT
Lord Harris Court
52 Pembroke Street
Port of Spain
Republic of Trinidad and Tobago
Telephone: (868) 627-5600
Fax: (868) 624-8001
Email: igovtt@gov.tt
Website: www.igovtt.tt
Facebook: www.facebook.com/iGovTT
Twitter: @iGovTT

16 Cloud Computing
Varma Maharaj, Solution Architect Office, Consulting Unit
28 March, 2013

17 What is Cloud Computing?
The Use of Computing Hardware and Software Delivered as-a-Service over a Network

18 Common Characteristics of Cloud Computing
• Ubiquitous Access
• Resource Virtualization
• Pay-as-You-Use
• Elasticity
• Remotely Hosted

19 Community Cloud

20 Public Cloud

21 Private Cloud

22 Hybrid Cloud

23 Infrastructure as a Service
• Rent fundamental infrastructure:
  - processing
  - storage
  - networking
• Deploy software, applications and even operating systems

24 Software as a Service
• No Hardware/Software to Manage
• Service Delivery via web browser

25 Platform as a Service
• Deploy and develop your own software
• Configure hosting options

26
• Lowered ICT Costs
• Lowered Client License Cost
• Pay-as-you-Use
• Ubiquitous Access
• Reduced Procurement Times and Requirements
• 24 x 7 Availability
• Simplified Centralized Applications
• Improved Application Redundancy

27 Disadvantages of the Cloud
• Data Protection
• Governance
• Security Control
• Requires Persistent Connection
• Limited features

28
• Benefits of Economies of Scale
• Overall Reduction in ICT Operational and Capital Cost
• Focus on Services Offered – Less Focus on Management of Infrastructure
• Eco-Friendly

29
• Satisfying Infrastructure Demands
• Increased Elasticity and Agility
• Governance & Ownership

30 How Developing Countries Approach Cloud:
• Leverage For ICT Advancement
• Advanced ICT Innovation at Lowered Cost
• Begin The Transition to Next Generation Models of ICT Such as Cloud

31 How Major Countries Approach Cloud:
• Incorporate cloud computing in their ICT strategy
• Many applications already deployed via the cloud
• Enables efficient/effective ICT sharing
• United States, United Kingdom and Singapore

32
• Cloud is Here
• Structural and Cultural Shift from Traditional ICT
• Security Concerns Can Be Overcome
• Leverage Existing Government ICT Infrastructure
• Explore and Implement a Cloud Strategy

35 Security Considerations in Cloud Computing
Khafra Murray, Security & Assurance Unit
28 March, 2013

36 Security Considerations of the Cloud
• No information system is 100% Safe
• Understand the risks of cloud computing
• How cloud hosting companies have approached security
• Law and Jurisdiction are critical
• Best practice for companies utilizing the cloud

37 No System is 100% Safe
• Every system once thought secure has been breached
• Cloud services have become and will continue to be a very lucrative target for hackers
• It’s still Hardware + Software + People, just not YOUR hardware, YOUR software or YOUR people.

38 Risks Inherent to Cloud Computing
• Disconnect in Information Control
• Disconnect in control systems and policy
• Disconnect in SLA interpretations
• Black Box Managed Services / Lack of Transparency
• Single Points of Failure

39 Information Control
• Data is no longer “on premises” subject to audited physical protections
• Data subject to service provider’s backup policies, including off-site storage
• Data is subject to service provider’s retention policies
• Provider Liability for data loss is minimal

40 Disconnect in Internal Controls
• Service Provider will have their own control mechanisms
• Policies (HR, Financial, workflows) internal to the provider and invisible to the cloud subscriber will have an impact on the risk to cloud services.
• Processes such as change management may not align to client standards (Microsoft Azure failure 2013)

41 Service Level Agreements
• Do not provide guarantees, only a promise of best effort
• Can often be misinterpreted; disagreements in SLA interpretation can stall service delivery
• There is always compromise/imbalance between the risk transferred to the provider and the accountability in the event of service or data loss.

42 Black Box / Lack of Transparency
• Service providers provide high-level concepts of the architecture, but no more
• Hardware and software used in the infrastructure cannot be audited for vulnerabilities by the client
• Providers do not permit audits of their operations/processes/policies by the client
• Public Cloud subscribers are co-tenants - you don’t know whose data or what class of data is being hosted along with yours

43 Single Points of Failure
• Despite the distributed nature of many cloud services, even the largest suffer system-wide outages (Amazon, Windows Azure)
• Business operations are affected without any powers or access to affect the recovery
• Traditional BCP cannot replicate cloud based services

44 Law
• The Patriot Act stipulates that data stored in the USA or under the custodianship of a US company can be accessed by that government in the course of an investigation
  – Service providers are legally barred from informing subscribers of the access to their data
• In T&T it is illegal to store sensitive government data overseas unless the foreign territory provides equal or greater protections for data privacy and confidentiality

45 Jurisdiction
• Data stored in any country is subject to the laws and compliance requirements of that country in preference to any other
• Companies registered in the United States can be mandated to provide electronic data stored in any servers under its control in any country
• In the event of a data breach of GoRTT data at a foreign cloud service provider, the process to grant access to digital evidence would take no less than 6 months

46 Maintain Control and Confidentiality
• Private Cloud deployments over public cloud services
• Data encryption for data in motion (client/server) as well as data at rest.
  – There are security solutions which do this
• Ensure that data classification policies are robust and services subscribed to support the class of data

47 Managing Risk in The Cloud: Due Diligence
• Inquire about exception monitoring and reporting
• Vigilance around platform updates and access privileges
• Ask where data (including backups) is stored AND processed, and inquire as to the details of data protection laws in the relevant jurisdictions.

48 Managing Risk in The Cloud: Due Diligence
• Independent assessments and certifications
• Third party transparency
• BCP/DR activities align with cloud based processing and services
• Availability guarantees and liability
• Find out whether the cloud provider will accommodate GoRTT security policy

50 Moderated by Denyse White
