January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network...
Transcript of January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network...
![Page 1: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/1.jpg)
January 2014
![Page 2: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/2.jpg)
SM
AR
TE
CH
2/13
Introduction, 3
Our Vision, 3
Our Mission, 3
Our People, 4
Service Delivery Focus, 4
Customer Focus, 4
QA/QC Policy, 5
Continuous Improvement Approach (CIA), 5
Corporate Services, 6
Information Security Management System (ISMS) Policy, 7
Security, 7
People, 8
Process, 8
Technology, 8
Problem Escalation Management, 9
List of Clients, 9
Partners, 10
Contact, 10
Brief Profile of Executive Directors, 11
![Page 3: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/3.jpg)
SM
AR
TE
CH
3/13
SMARTECH INFORMATION SECURITY LTD – RC
1000433 is a private limited liability company founded
and incorporated under the Nigerian Company &
Allied Matters Act to carry on business in the areas of Computer & Network Security,
Networking & Web Services, Information Security Risk & Business Continuity
Management, Information Security Standards Evaluations & Compliance, Computer
Forensics (cybercrime investigations & audit), Smart Cards & Identity Management,
Cybercrime Detection & Prevention, Public Key Infrastructure and Management,
Automatic Identification & Loss Prevention Systems, Document Management, and
End-to-End Real Time Visibility & Radio Frequency Identification (RFID) Systems.
SMARTECH provides proactive and modern ICT & Information Security solutions to
emerging challenges in business processes, e-transactions and e-governance from
system design through system integration to a complete enterprise solution. Today,
rapidly growing challenges are resulting in the need for proactive actions both in
institutional processes and technology. We are being stimulated by these dynamics
and the myriads of available technological solutions to offer these specialised
services in the provision of efficient and secure mechanisms for protecting
organisational assets, organisational processes and products, while optimising
enterprise and institutional goals.
Our business philosophy and passion is to be on top of current 21st century
technologies and new innovations as they are being rolled out and to incorporate
these trends in our products/services to drive client’s management decisions that
will improve their enterprise processes and institutional governance.
Given that optimisation and automation needs in business processes and
governance are becoming more vital than ever, embracing the newest technologies
shall be the cornerstone of our quality, innovative and forward-looking service
delivery.
![Page 4: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/4.jpg)
SM
AR
TE
CH
4/13
People at all levels in Smartech are the essence of the company’s existence. We
have motivated, committed and involved personnel that are always eager to
participate in and contribute to continual improvement in our service delivery.
Our services and solutions are driven by our personnel who are experts and
experienced professionals and well versed in contemporary technologies that will
define, develop and deliver the appropriate solutions to address client’s enterprise
and governance mission critical needs and challenges. We equally have robust
technical supports from our partners who are OEM and reputable software
developers around the globe. We collaborate with our partners to mutually provide
business development and consulting services to support teaming opportunities.
In today’s business and governance landscape, it is a never ending struggle –
organisational information security management is becoming more critical as
enterprises are constantly looking for ways to optimise business goals and minimise
cost. Thus, with today’s threat landscape in constant flux, remaining a step ahead is
the tonic required for effective policing of enterprise assets, B2B e-transactions, and
optimisation of business objectives. As a client, you come to realize that this is the
ultimate attribute you expect from us!
At SMARTECH, our deliverable target is to provide fast, reliable and competitive
services to our esteemed clients in full adherence to contract obligations, and
industry practice and standards. Thus, honouring every pledge we make, no matter
how little, remains the very foundation for the service quality we promise our clients.
Our approaches to client service include:
Striving to provide value as defined by the client.
Provide customer-driven services.
Emphasize relationships through efficient customer relationship
management.
At Smartech, we engage our clients to understand their current and future needs in
order to meet their project requirements and strive to exceed their expectations.
![Page 5: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/5.jpg)
SM
AR
TE
CH
5/13
Our customer relationship management is based on:
Ensuring that project objectives of clients are linked to client’s needs and
expectations.
Systematically manage client’s relationships with adequate feedback
mechanism.
Ensuring a balanced approach between satisfying clients and other interested
parties (such as owners, employees, local communities and society in
general).
The implementation of quality assurance and quality control (QA/QC) procedures is
an integral part in the execution of any project in Smartech. As described in ISO
9001 Quality Management Systems, it is our policy to ensure that clients get
consistent, good quality products and services at all times.
Continuous improvement of Smartech’s overall performance is a permanent
objective of the company. Our Continuous Improvement Approach (CIA) is an
ongoing effort to improve our products, services and processes to provide
excellence and added value for our esteemed clients. In Smartech, it is our belief
that continuous improvement isn’t one particular system or specific way of
performing a task, it is a mindset, based on the conviction that there is always a
superior way of doing things and therefore a journey that never ends.
Our 3 step model approach to continuous improvement includes:
1. Look before you leap
2. Idea generation
3. Review, refine and test out
![Page 6: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/6.jpg)
SM
AR
TE
CH
6/13
Smartech provide global C4ISR portfolio of products/services which include
Command, Control, Communication, Computers, Intelligence, Surveillance and
Reconnaissance as summarised below:
End-to-End Visibility & Radio Frequency Identification (RFID) Systems
Real-Time Inventory Management & Asset Visibility & Tracking
Petroleum Pipeline Intrusion Detection & Monitoring
File/Document Tracking/Management
Weapons & Armoury Management
SmartFleet – Vehicle Intelligent Solution
Retail Security & Loss Prevention
Library Automation & Security System
RFID in Health Care
Smart Card and Identity Management Solutions
Automated Toll Gate & Electronic Ticketing for Mass Transportation
System
Employee/Staff ID & Student ID With e-Wallet
Drivers Licence & Third-Party Motor Vehicle Insurance Certificate
Public Key Infrastructure (PKI) Systems
Provision of Symmetric Keys for data Encryption & Decryption
Provision of Digital Signatures
PKI Design, Implementation and Management
Information Security Risk Management & Networking
Information Security Risk Assessment
Business Continuity Management
Information Security System Audit and Digital Forensics
Networks Design, Implementation, Operation & Security
ERP Development and Integration
Smart/Intelligent Electronic Security
Smart IP Surveillance
LTA Reconnaissance Systems
Aerostat systems
![Page 7: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/7.jpg)
SM
AR
TE
CH
7/13
In this age of knowledge economy and information society, information in all its
forms has become, more than ever before, the currency of everyday interactions,
debate, enlightenment, education, commerce, controversy and concern. Where
information is held by Institutions or businesses, our employees are expected to
ensure that they have proper regard to its Confidentiality, Integrity, and Availability
of its data and information systems.
The aim of this policy is to ensure that employees of Smartech all understand the
importance of Information Security Management as it relates to project’s
information they gather, process and store and the legal and ethical responsibilities
that are incumbent on them both as individuals and as members of staff.
Smartech is specifically committed to preserving the confidentiality, integrity and
availability of documentation and data supplied by, generated by and held on behalf
of client or third parties pursuant to the carrying out of work agreed by contract in
accordance with the requirements of ISO 27001: 2005 “Information technology –
security techniques – information security management systems (ISMS) –
requirements”.
These commitments are made in the recognition that adherence to these principles
is consistent with the mission and values of Smartech and critical to its core
business; strategic plans; and legal, regulatory and contractual requirements.
Our ISMS policy guideline is given below:
1. SECURITY
Keeping information secure is paramount to what we do and we take extensive care
towards protecting information assets. Our processes, procedures and infrastructure
are designed to meet these requirements.
This can be expressed as a Security Matrix as depicted below.
![Page 8: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/8.jpg)
SM
AR
TE
CH
8/13
2. PEOPLE
People are the most crucial aspect to be considered in implementing any security
measures. They can either make or break the system. We carry out stringent
background checks before employing any staff. We ensure that the team is
adequately trained and are completely aware and sensitive to the confidential
nature of the data and information they handle and the consequences of
irresponsible handling of this information.
All the employees are bound by confidentiality agreements as part of the project
execution process. Besides this if required, we can also sign an additional
confidentiality agreement for the specific project that they will be working on.
3. PROCESS
We have clearly defined processes that ensure that the information is handled
responsibly. Information is shared only on a “need to know” basis and no one other
than the people directly involved in the project have access to the information of the
project.
The following processes are implemented.
Logical Access Control
Password Security and Controls
Network and Telecommunication Security
Electronic Mail Security
Backup and Recovery Process
Operating system security
Internet Access & Security
Firewall Security
Virus Protection
Acceptable Usage Policy
Incident Response and Management (Mandatory Procedure)
4. TECHNOLOGY
Besides the people and the process, we have in place the systems required to ensure
that data and physical security are adequately addressed. Entry into the premises
and the various project areas is restricted and access control devices and monitoring
systems are in place to prevent and detect unauthorized access.
The systems used during the execution of any project do not have any external
drives and hence no data can be copied onto external storage media. The print
permissions are restricted and carefully monitored to prevent misuse.
![Page 9: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/9.jpg)
SM
AR
TE
CH
9/13
Audit trails of all system activities are maintained.
What this means for our Clients:
Assurance that customer data is safe
IT Infrastructure is protected against hacking
Software systems are tested for security issues
Heightened sense of security awareness among employees
In Smartech, the Customer is the King – thus we are very critical in any event that
would negatively impact the service fulfilment to the customer or where the
customer is not satisfied.
Computing platforms, networks, desktops, peripherals, and associated facilities are
critical components in daily business processes. These systems, applications, and
environment that connect users to these, are subject to events causing service
interruptions, degradation and unavailability. The purpose of our Problem
Escalation Procedure is therefore to provide a repeatable, structured, consistent,
and measurable process to ensure that client’s service interruptions receive the
appropriate level of attention and focus for problem resolution.
The procedure defines and describes the roles, responsibilities, and activities to
follow when escalating problems within Smartech, and the minimum information
needed to communicate system problem status. The goal of this Problem
Escalation procedure is to establish a clear set of events, actions, and results that
promote the successful resolution of anticipated or reported problems by clients,
while minimizing negative impacts and maximizing resource availability.
Lee Engineering & Const. Co. Ltd
![Page 10: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/10.jpg)
SM
AR
TE
CH
10/13
2, Dambata Close, Area 7
P.O. Box 17443
Garki 900246
Abuja, FCT
Nigeria
Tel: +234 (0) 818 677 8805
email: [email protected]
website: http://www.smartechinfosec.com
![Page 11: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/11.jpg)
SM
AR
TE
CH
11/13
NAME: Emmanuel Obaro OHWADUA
POSITION: Managing Partner
Mobile: 0817 039 2222
email: [email protected]
PERSONAL PROFILE
Emmanuel Obaro Ohwadua has multi-disciplined educational background that cut
across the Mathematical Sciences, ICT, Management and Engineering. He is an
Information Security System Architect with specialisation in Identity Management
technologies, Cyber Security and Cryptography; an author; and a management
consultant with a knack for business process re-engineering/optimization and
project management.
Ohwadua has a work history of over 16 years in the Netherlands, United Kingdom
and Nigeria. Areas of his work experience include Educational, Engineering, Oil &
Gas, ICT, GSM, and Information Security.
EDUCATIONAL QUALIFICATIONS
DATE COURSE/DEGREE INSTITUTION
2008-2009 MSc Information Security University of London, UK
2007-2008 MSc Mathematics University of Lagos, Nigeria
2003-2005 Master of Process
Engineering (MPE) University of Lagos, Nigeria
2000-2002 Master of Business
Administration (MBA) University of Ado-Ekiti, Nig.
1996-1997 Postgraduate Diploma
in Computer Science (PGDC) University of Abuja, Nigeria
1991-1995 BSc (Hons) Mathematics (2:1) Ambrose Ali University, Nig.
MEMBERSHIP: Information Security Group (ISG), London, UK.
![Page 12: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/12.jpg)
SM
AR
TE
CH
12/13
NAME: Ifeanyi Gilbert OSSAI
POSITION: Senior Partner
Mobile: 0818 677 8805
email: [email protected]
PERSONAL PROFILE
Ifeanyi Ossai has over 25 years experience in Engineering, Security and
Management. His educational background spans through Engineering, Business and
Security. He has masters degrees in Engineering (M. Engr.), Business administration
(MBA) and Information Security (MSc InfoSec).
He has worked in the United Kingdom and Nigeria with specialization in Risk
Management, PKI Management, Information Systems, Identity Management, Cyber
Security, Business Continuity & Recovery Planning, Compliance, Project
Management, Physical Security and Business Development.
EDUCATIONAL QUALIFICATIONS
DATE COURSE/DEGREE INSTITUTION
2008-2009 MSc Information Security University of London, UK
1989-1991 Master’s in Business
Administration (MBA) University of Benin, Nigeria
1986-1988 Master’s in Engineering (M. Engr) University of Nigeria,
Structural Nsukka, Nigeria
1979-1985 Bachelor’s of Engineering (B. Engr)
(Civil) University of Benin, Nigeria
MEMBERSHIP: Information Security Group (ISG), London, UK.
Information System Security Association (ISSA)
ASIS International
![Page 13: January 2014 · Allied Matters Act to carry on business in the areas of Computer & Network Security, Networking & Web Services, Information Security Risk & Business Continuity Management,](https://reader034.fdocuments.us/reader034/viewer/2022052014/602b9a5f38d95113af15724e/html5/thumbnails/13.jpg)
SM
AR
TE
CH
13/13
NAME: GUMWOS Ayuba Daniel
POSITION: Partner
Mobile: 0809 386 7368
email: [email protected]
PERSONAL PROFILE
Gumwos, Ayuba Daniel has over 19 years experience in Electronics and Software
Engineering. His educational background spans through Engineering, Business and
Management Information System (MIS). He has Bachelor of Engineering in
Electronics and Software Engineering (BEng), PGD in Computer Science, HND in
Physics/Electronics and NCE in Physics/Mathematics.
He has worked in the United Kingdom and Nigeria with specialization in Chip design
using High Speed NP-CMOS (zipper-Logic), Information Systems design and
assembly, Data Recovery Planning, Project Management and Business
Development. Earlier years of his working career was in the Banking Industry as MIS
Officer.
EDUCATIONAL QUALIFICATIONS
DATE COURSE/DEGREE INSTITUTION
2012 BEng (Elec./Software Engineering) Loughborough University,
UK
2001 PGD (Computer Science) University of Abuja, Nigeria
1995 HND (Physics/Electronics) University of Jos, Nigeria
MEMBERSHIP: Institute of Engineering Technology (IET)