Export Processing Zones Authority

Information and Communication Technology

Policy
Version I
Export Processing Zones Authority
P.O. Box 50563 00200
Nairobi
Te! 25" 020 2#$2%0$&6
'ax! 25" 020 2#$3#0"
( 2005 copyright EPZA
)une 2005
1
2
Introduction
*n+or,ation an- .o,,unication Technoogies /*.T0 is a -ri1ing +orce o+ a acti1ities. *t pays a
crucia roe o+ i,pro1ing co,,unication2 in+or,ation processing an- in+or,ation ,anage,ent.
The Authority protects its Assets /3ar-4are2 5o+t4are an- Net4or6s0 an- other reate- acti1ities
through 1arious poicies an- proce-ures2 4hich ha1e to be +oo4e- by each an e1ery sta++ ,e,ber
in the organi7ation.
ICT Mission Statement
The *.T section 4i -e1eop an- i,pe,ent e++ecti1e an- e++icient *.T poicy an- pro1i-e
sustainabe technoogica in+rastructure an- support +or the reai7ation o+ Export Processing Zones
Authority ,ission
3
1! Computer "ard#are$ Peripherals and other e%uipment
.o,puter har-4are2 peripheras an- other e8uip,ent 4i incu-e a the co,puter reate-
har-4are 4hich is o4ne- by EPZA. These 4i incu-e an- not i,ite- to Persona .o,puters an-
its accessories2 9aptops2 :P5s2 Printers2 existing cabing in+rastructure etc.
$.$ Purchasing an- *nstaing o+ har-4are
A the *.T e8uip,ent sha be purchase- a+ter reco,,en-ation by the *.T section. :ser
re8uiring *.T e8uip,ent sha contact their respecti1e ,anagers 4ho 4i in turn +or4ar- to
the *.T section 4ho 4i consi-er the re8uest -epen-ing on +easibiity2 suitabiity an-
bu-get.
$.$.$ .o,puters an- aptops
Purchases o+ co,puter har-4are an- aptops sha be restricte- to incu-e ony
bran-e- co,puters incu-ing an- not i,ite- to .o,pa82 3P2 *B;2 an- <e
$.$.2 .abing
.abing re+ers to the 4iring 4hich has been set up to support 9oca Area Net4or6
/9AN0 an- the teephone syste, at a the EPZA pre,ises. 5tructure- cabing sha
be a-opte- an- a the o++ices sha ha1e net4or6 points to pro1i-e +or the access
to the 9AN an- +or use in the teephone ser1ices.
$.$.3 :ninterruptibe Po4er 5uppy /:P50 units
These are the po4er surge protectors an- reguators. A the co,puters an-
ree1ant e8uip,ent ,ust be protecte- +ro, po4er reate- probe,s by use o+ a
:P5.
$.$." Printers
A the co,puters sha be accessibe to a printer 4hich is either connecte- -irecty
or through the net4or6.
$.$.5 ;o-e,s
Ony co,puters +or -iaup access sha be +itte- 4ith ,o-e, as sha be
reco,,en-e- by the *.T section hea-.
4
$.2 E8uip,ent *n1entory
EPZA *.T section sha ,aintain the in1entory o+ a the *.T e8uip,ent an- a-1ice the
,anage,ent on ac8uisition an- -isposa o+ the sa,e
$.3 :se o+ e8uip,ent
A the *.T e8uip,ent sha be use- 4ithin the EPZA o++ices.
Non EPZA ,e,bers o+ sta++ are prohibite- +ro, using an- accessing the *.T e8uip,ent.
$." .onsu,abes
*.T consu,abes sha be procure- by the procure,ent o++icer in iaison 4ith the *.T
section
$.5 =or6ing o++ pre,ises an- using outsource->Externa e8uip,ent
Any e8uip,ent re8uire- +or use outsi-e the o++ice sha be sub?ect to reease by the *.T
section
Outsource- >Externa e8uip,ent such as aptop2 .<s2 <is6ettes2 9.< pro?ectors +or use
4ithin EPZA pre,ises sha be sub?ect to appro1a by *.T section.
$.6 5er1icing an- ,aintenance
5er1icing an- ,inor repairs o+ *.T e8uip,ent sha be -one internay. ;a?or repairs sha
be outsource- to outsi-e co,pany as sha be -eter,ine-.
$.# @etiring o+ obsoete e8uip,ent
The *.T section sha +ro, ti,e to ti,e a-1ice the Authority on e8uip,ent 4hich are
obsoete an- re8uire -isposa.
5
&! 'ocal Area (et#or)
2.$ ;anage,ent
2.2 .ontro an- Access
2.3 Net4or6 Printer
6
*! Soft#are Systems
3.$ Procure,ent o+ so+t4are
Procure,ent o+ any so+t4are sha be coor-inate- by the user -epart,ent an- the *.T
section 4ho sha pro1i-e the technica a-1ice. 5o+t4are can be bought either o++&the&she+
or -e1eope-.
3.$.$ O++ the she+ 5o+t4are
The Authority sha buy ,ost o+ the generic syste,s +ro, the ,ar6et +or on4ar-
custo,i7ation to ta6e a-1antage o+ their resiience an- the +act that they ha1e
been taste- in the ,ar6et
3.$.2 <e1eope- so+t4are /*n&house an- taior&,a-e0
5o+t4are -e1eop,ent co,pany 4i be contracte- to -e1eop taior&,a-e so+t4are
+or the Authority incase the sai- so+t4are is not a1aiabe o++&the&she+. This 4i be
coor-inate- by the user -epart,ent an- the *.T section.
5yste,s -e1eope- internay /*n&house0 by the ,e,bers o+ sta++ sha be +or s,a
scae use by the -e1eopers>users to ease processing o+ -ata or per+or,ing o+
certain +unctions.
3.2 5o+t4are ,aintenance an- upgra-e
The Authority sha enter into agree,ent 4ith the 1en-ors>suppiers o+ the so+t4are in use
4ithin the Authority +or ,aintenance an- upgra-e to +aciitate ,aintenance o+ up to -ate
so+t4are>syste,s.
3.3 Access an- use o+ so+t4are
Any so+t4are instae- in the Authority har-4are syste,s sha ony be use- by authori7e-
o++icers. This authori7ation sha be pro1i-e- by the hea- o+ *.T or the hea- o+ the user
-epart,ent.
3." 5o+t4are usage poicies an- proce-ures
3.".$ 9icense Agree,ents
3.".2 @epro-ucing 5o+t4are
3.".3 :nauthori7e- 5o+t4are
7
+! Information Processing$ Management and Security
+1 Introduction
The goa o+ bac6ups is to pre1ent the oss o+ -ata in the case o+ syste, +aiure or the acci-enta
-eetion o+ -ata. Bac6ups are not ,eant to archi1e -ata +or +uture re+erence.
The *.T -i1ision 4i 6eep proper bac6up on -aiy basis an- retaine- +or a perio- o+ up to one
4ee6.
<ue to the +re8uent change in technoogy2 the bac6upAs ,e-ia sha be re1ise- consistenty to
ensure that a the bac6ups are accessibe an- can be re-epoye- 4hen nee-e-.
Entry to 5er1er @oo, sha re,ain restricte- to *n+or,ation an- .o,,unication Technoogy
/*.T0 sta++.
A -ata pertaining to the Authority sha be store- on Bac6up ;e-ia.
The bac6ups o+ co,puter syste,s sha be ocate- in sa+e externa areas to ei,inate any
chances o+ -a,age in the e1ent o+ -isaster.
+& ,hat to -ac)up
<ata store- ocay on -es6top co,puters an- on syste,s that are ,anage- by the *.T
-epart,ent incu-ing net4or6 e8uip,ent sha be bac6e- up in accor-ance 4ith this poicy.
+* .re%uency of -ac)up and Storage Period
<ata bac6up sha be -one on -aiy basis as +oo4sB
a0 *ncre,enta bac6up sha be -one -aiy +ro, ;on-ay to 'ri-ay.
b0 'ri-ay bac6up sha be 6ept as the 4ee6y bac6up an- the other bac6up tapes recyce- or
o1er4ritten.
c0 The bac6up o+ the ast 'ri-ay o+ the ,onth sha be treate- as the ,onthy bac6up. The
other 'ri-ayAs bac6up o+ the pre1ious ,onth sha be recyce-.
-0 ;onthy bac6ups sha be 6ept +or a perio- o+ one year an- therea+ter the tapes can be
recyce-.
:ser -ata shou- not be archi1e- +or ong perio-s o+ ti,e as it is ony being bac6e- up to reco1er
+ro, har-4are +aiure an- acci-enta -eetion. Bac6ups o+ user -ata ,ay be store- +or a ,axi,u,
8
o+ six ,onths an- are to be -estroye- or o1er4ritten a+ter that ti,e. .ertain in+or,ation2 such as
syste, ogs an- seecte- usage ogs2 shou- be store- +or a year so as to pro1i-e su++icient -ata
+or usage anaysis an- to hep in1estigate security inci-ents.

4.4 Storage Media
There are ,any a1aiabe bac6up soutions incu-ing Tape bac6ups2 Net4or6 attache- storage2
5torage Area Net4or6s2 <irect Attache- 5torage2 i5.5*2 <is6 .oning2 @e,o1abe an- Externa
<is6 <ri1es2 Bac6up 5o+t4are2 @A*< 5torage2 'ireproo+ ;e-ia 5a+es an- .abinets.
+/ Storage 'ocation
=ee6y bac6ups an- ,onthy bac6ups sha be 6ept o++&site. Proper en1iron,ent contro2
te,perature2 hu,i-ity an- +ire protection2 sha be ,aintaine- at the storage ocation.
".6 Storage Security and Access
".6.$ A bac6up ,e-ia 4i be store- in a secure area an- ony accessibe to *.T or
authori7e- sta++. To a-- an extra ayer o+ security -ocu,ents shou- be sa1e- 4ith
pass4or-s.
".6.2 The bac6up -e1ice2 5er1ers an- storage ,e-ia shou- be in a secure2 oc6e-
roo, 4ith i,ite- access. The bac6up ,e-ia shou- be store- in +ireproo+ sa+e 4hen it is
not in use.
".6.3 Perio-ic tests o+ the bac6ups 4i be per+or,e- to -eter,ine i+ +ies can be
restore-. This shou- be -one ,onthy to ensure that both the tapes an- the bac6up
proce-ures 4or6 propery.
".# 0estoring -ac)up
<ata re8uire- +or restoring sha be -one upon re8uest to the *.T section
9
/! Internet and Email
The Authority has net4or6 connecti1ity that enabes sta++ to chec6 ,ai an- bro4se the internet +or
in+or,ation an- other ser1ices. The +oo4ing is to be obser1e- by a users 4hen accessing the
*nternet!&
$. =hie sta++ is encourage- to use the *nternet as an in+or,ation resource2 they are not
ao4e- to -o4noa- an- insta -ata +ro, the *nternet 4ithout appro1a +ro, *.T.
2. The sta++ is -iscourage- +ro, 1isiting unauthori7e- sites.
3. <eete e,ais that they -o not 6no4 the source 4ithout opening to a1oi- in+ecting the
e8uip,ent 4ith 1iruses.
". 5a1e any e,ais to separate +o-er i+ they 4ish to re+er to the, ater.
5. <eete e,ais 4ith attach,ents to sa1e -is6s space.
6. Any e,ais that are three months o- or ,ore 4i auto,aticay be -eete- +ro, a ,ai
boxes by *.T section to re-ee, -is6 space.
#. 5ta++ is encourage- to sa1e copies o+ their i,portant -ocu,ents on -is6ettes2 .<s or
tapes in iaison 4ith *.T section
10
1! EPZA ,e2site
6.$ :se
Authority 4ebsite sha be use- as source o+ in+or,ation to the externa 4or- an- sha
aso pro1i-e a +ee-bac6 on en8uiries about the EPZ progra,,e in Cenya.
6.2 :p-ating
:p-ating o+ the Authority 4ebsite sha be -one a+ter reco,,en-ation +ro, the =ebsite
,anage,ent tea, 4hich sha be constitute- by the .EO an- co,prises o+ Ne4
*n1est,ents2 P@O an- the *.T.
6.3 @e-esigning
@e-esigning o+ the 4ebsite sha be -one a+ter e1ery three years an- sha be coor-inate-
by the =ebsite ,anage,ent tea,.
11
3! Training and Staff A#areness
*n+or,ation an- .o,,unication Technoogy is -yna,ic there+ore training o+ sta++ on upco,ing
technoogy is e,phasi7e- to ensure that the Authority is not e+t behin-. To ensure that users ha1e
su++icient 6no4e-ge o+ operating co,puter syste,s! &
$. A a++ecte- users sha be a-e8uatey traine- on any ne4 upco,ing so+t4are or co,puter
har-4are
2. The *.T sta++ sha be traine- consistenty to act as the +irst e1e *.T support in the
organi7ation.
3. The Authority sha pro1i-e ree1ant earning ,aterias on *.T in the section an- ,ain
ibrary.
12
4! Prohi2ited Acti5ities67ses
The iste- actions are prohibite- in the AuthorityAs *.T syste,s
$. <o4noa-ing 5o+t4are 4ithout *.T section hea- authority
2. Printing or -istributing copyrighte- ,aterias
3. :se o+ unicense- 5o+t4are
". :sing Authority syste,s to soicit +or persona gain
5. Operating a Business +ro, the o++ice using Authority *.T +aciity
6. :se o+ O++ensi1e or 3arassing state,ents
#. 'or4ar-ing inappropriate ,essages
%. :se o+ 5urs an- )o6es
D. 5exuay oriente- ,essages or ?o6es
$0. Accessing =ebsites .ontaining
a. Pornographic
b. Terroris,
c. Espionage
-. The+t
e. <rugs
$$. Ea,bing
$2. :nethica Acti1ities
$3. Acti1ities -a,aging to the co,pany
$". Eranting access to externa persons
$5. *,personating another person
$6. *ntro-ucing a 1irus
13
8! 0esponse to ICT incidentals
D.$ <es6top .o,puters an- Access
D.2 Net4or6
D.3 5yste, A-,inistration
D." E,ai
D.5 *nternet
D.6 ;o1e,ent o+ E8uip,ent
14
Fioation o+ the poicy 4i resut in re1ocation>suspension o+ the pri1ieges accor-e- to the *.T
users
This poicy 4i be re1ie4e- on reguar basis an- users 4i be noti+ie- by e,ai on the changes an-
current 1ersion o+ the *.T poicy.
15