Strategic ICT Partner
60 Mins Show dates: 9-13 October 2011, Dubai World Trade Centre
“Participating at this year’s edition of GITEX has allowed us to leverage our broad portfolio of products and solutions across various industry verticals and home user segments. Aside from promoting our products and meeting new clients, we are also looking to increase awareness on our ‘Smart IT versus Big IT’ initiative, ably positioning our integrated suite of solutions as world class and highly reliable offerings yet priced at very affordable rates.” Ahmad Zeidan, Channel Sales Manager, Netgear Middle East.
| AT GITEX TECHNOLOGY WEEK | Exhibition hours: 10am - 5pm
Dubai Islamic Bank has managed ATM solution
Specialist monitors Japan-based Eizo has a full range of specialised monitors.
Raising the bar
Reinforcing its leadership in managed services, Etisalat yesterday announced that it is implementing a managed ATM solution for Dubai Islamic Bank (DIB), the world’s first Islamic bank, to provide end-to-end managed services for 252 offsite ATMs. Etisalat will provide holistic management of all the MPLS links and routers for the Dubai Islamic Bank country-wide network of offsite ATMs. The managed ATM solution has already been implemented across DIB’s 180 remote ATM sites in the first phase and the second phase
for linking the additional 72 ATM sites is in progress. Etisalat has implemented a one stop solution for managing links and routers while also providing on-site support through its managed WAN service. This solution will provide DIB with the highest resiliency and redundancy for operations continuity ensuring the highest-level of security and resulting in higher productivity at reduced TCO for the bank. The unique feature of this solution is that in the event of a failure in the primary
Now more than ever organisations are beginning to understand the need to certify their information security management systems.
AEC brings smart metering solutions It is the fifth consecutive year that the Advanced Electronics Company is making its presence felt at GITEX.
4 CONTINUED ON PAGE 3
Adding value to your business Visit us at Gitex: Zabeel Hall ZL-C5 and Z-C10
Our partners: www.almasa.com
Delivering for citizens
4 CONTINUED FROM PAGE 1
Dubai eGovernment services have, for some years, been a model of delivery for other governments across the region. HE Ahmed Bin Humaidan, Director General of Dubai eGovernment, answers some questions for 60 Minutes. What is your primary objective for participating in GITEX? Dubai eGovernment is participating at in line with its commitment to keep pace with the latest developments in technology that will support the Emirate’s eTransformation. We are participating at GITEX in collaboration with different local government departments, as we jointly work to help realise the vision of HH Sheikh Mohammed Bin Rashid Al Maktoum, Vice President and Prime Minister of the UAE and Ruler of Dubai, to establish the Emirate as a leading knowledge economy. Dubai eGovernment’s participation in previous editions of GITEX have been very successful and we are looking forward to likewise achieving our objectives this year. Moreover, through this activity we are very keen to reinforce our relations with other
example of how a fully interconnected government operates. There is a series of presentations to explain the methodology in the provision of core eServices, which include Direct Public Services, Core & Channel Enabling Services, Government Resource Planning Services, Collaboration, Connectivity and Infrastructure Enabling Services, Government Information Network and Policy, Advisory and Knowledge Services for local government entities in Dubai. HE Ahmed Bin Humaidan, Director General of Dubai eGovernment government entities as we work together to continue to improve the performance of government eServices. What eServices and solutions are you presenting? We also aim to provide a great
What new eServices or initiatives or solutions are you featuring? Dubai eGovernment is participating under the themes ‘Connected Government’ and ‘Mobile Government’ given our push towards a collaborative and integrated eGovernment, while at the same time pushing for smartphone and mobile
Dubai Islamic Bank... MPLS link at any remote ATM site, the connectivity will automatically fail-over to Etisalat’s 3G network, ensuring operational continuity. Besides offering higher uptimes and reliability through proactive monitoring and management, the Managed ATM service from Etisalat will also provide several other benefits like faster transaction times, higher bandwidth and security management solutions. Commenting on the service, Abdulla Ebrahim Al Ahmed, Senior Vice President Business Solutions at Etisalat said: “Outsourced managed services enable organisations to focus on their core competencies while reducing their total cost of IT ownership. Through this relationship Etisalat aims to bring great value to DIB, with our strong delivery capacity, a modern and reliable infrastructure and robust processes. This is indeed a transformational deal, which reinforces our status as the leading ICT service provider in the region.”
4 CONTINUED FROM PAGE 2 applications across the various government departments in Dubai. We are hosting 26 government departments who in turn showcase their new products and eServices for both mobile and computer users. Are any of your partners participating in GITEX? Dubai eGovernment Department is hosting 26 government entities at our combined stand. We are building on the success of previous GITEX shows so we booked 2,300 square metres of exhibition space to give all our participating government entities greater flexibility to present their respective services in such a manner that it enhances government integration. So Dubai eGover nment provides an ideal opportunity for the different sections of the society including citizens, residents, businesses and visitors to witness the different milestones of Dubai eGover nment in promoting eTransformation in the Emirate. What successes have you enjoyed lately? Some KPIs for the last nine months show confidence in our services with a 52% increase in ePay transactions, from 1.7 billion to 2.6 billion dirhams. Similar improvements can be seen in our mobile transactions which rose 34% from 4.3 million dirhams to 6.35 million dirhams in the first nine months of this year. However, our business performance is not just about ePay and mPay. As part of our â€˜Customer Focusedâ€™ strategy, we encourage our partners to conduct regular surveys and hear the voices of their customers, so that eServices can be customised for their benefit. The number of eSurveys conducted by our government partners rose 64% from 241 surveys last year to 395 surveys so far this year.
Specialist monitors Japan-based Eizo has a full range of specialised monitors. These include monitors for medical imaging including x-ray images, gaming monitors and graphic monitors with colour calibration capability.
Get gaming! Taiwan-based Epicgear has some innovative and first time gaming accessories to display. This includes an enhanced power supply unit with real time data performance displayed on an LED panel, a hybrid twin senor mouse using optical and laser tracking and Corsa and Cyclone heat dissipation devices.
Banking solutions Epson is displaying its range of banking solutions including high speed stackable cheque printer and MICR cheque reader with its interface software.
Paramount â€“ The regional leader in Information Security Suite 102, Building No 1, Dubai Internet City P.O Box 25703,Dubai, UAE Tel: 971-4-3918600 Email: firstname.lastname@example.org
QWERTY keypad on back
Simple controls up front
Raising the bar Now more than ever organisations are beginning to understand the need to certify their information security management systems. we discuss the process of certification, difference between the ISMS and ADSIC standards and the future of compliance with Dr Angelika Plate, director of strategic security consulting at help AG.
“Sophos along with Astaro is consciously working towards demonstrating our complete security solutions in the Middle East at GITEX. On the network security side, we’re demonstrating the UTM solutions by recently acquired Astaro, as well as our innovative RED solution which simply and cost-effectively secures branch offices. Given the phenomenal growth patterns in mobile device usage in the region, we’re also be focusing on Sophos’ mobile security solution as well as our endpoint, data protection, gateway, e-mail and Web solutions. We’re also supporting our distributor Secureway Network Distributors and providing our support for product demonstrations, especially mobile device security. Customers are seeing the benefits of our dedicated local technical support and are deciding to engage with us in a more strategic way at the time of renewals.” Dr Kamel Heus, Managing Director MEA, Sophos
In an unsafe IT world companies are required to align their information security strategies with international regulations, standards and best practices when collaborating with business partners around the world. The need to comply with regulatory compliance standards like ISO 27001 and ADSIC is a significant driver for the predicted growth in the security software market across the globe. According to Dr Angelika Plate, director of strategic security consulting at help AG, “Organisations should think about the frequency of recent attacks and the sophistication with which these were conducted. They should think about Sony and RSA and other organisations that are suffering and understand the need and the benefits associated with certification and compliance.” According to experts, the objective of regulatory compliance standards is to provide organisations with a common basis for maintaining information security and this is particularly important where organisations wish to inter-connect electronically. Dr Plate points out that the certification of an organisation’s information security management system is one means of providing
Dr. Angelika Plate, Director of Strategic Security Consulting, help AG assurance that the organisation has implemented a system for the management of information security in line with international standards and serves as a foundation for international trade. Other benefits of certification for organisations include improved credibility and enhanced customer confidence, reduced need for multiple assessments and an opportunity for better monitoring of security applications through regular audits, experts say. When
dealing with a certified organisation, customers are reassured about the fact that the organisation has made the necessary investments to protect information shared with them. According to professionals, this is because compliance takes into account regular surveillance and audits of security standards to ensure that the requirements are maintained in the long run, they don’t feel the need to question the said organisation’s security policies. Dr Plate recommends that organisations must identify the need for certification before embarking on the project. “The Information Security Management System (ISMS) standards give decision makers the flexibility to define the scope for certification within their organisation. To be able to efficiently define the scope for certification it is essential that decision makers recognise the need to invest in the certification process.” The next step then is to think about where exactly the organisation sits based on a comparison across the controls and requirements from compliance standards. “Normally, organisations don’t just start from the green fields and the idea here is to encourage the ability to reuse all the work that
Publisher Dominic De Sousa, COO Nadeem Hood, Managing Director Richard Judd, Sales Director Rajashree R Kumar, Editorial Director Dave Reeder Senior Editors Sathya Mira Ashok, Jeevan Thankappan, Arun Shankar Circulation Manager Rajeesh M, Production Manager James Tharian, Art Director Kamil Roxas, Designers Analou Balbero, Froilan Cosgafa IV, Glenn Roxas, Digital Services Manager Tristan Troy Magma Web Developers Jerus King Bation, Erik Briones, Jefferson De Joya, Louie Alma, Jay Colina
they have done in the past. We want organisations to have to make as little change as possible and as much as necessary,” she explains. Risk assessment follows once the organisation has defined the areas of improvement based on gap analysis described earlier, “Businesses must then look into their assets and how they are placed, they must study how these assets may be affected in case of a security malfunction or breach and also assess the likelihood of this happening. Based on this analysis they can then define a set of risks they are most vulnerable to and are most likely to face.” Naturally the next step is to think about what steps can be taken to protect organisations from these same risks. Dr. Plate adds, “It is perfectly acceptable by the ISMS standards that an organisation accepts certain risks because it may just be that they can do nothing about it.” She explains this further with a situation where an organisation with relatively poor physical security, made minor investments to improve the lags. “They didn’t see any point in investing heavily in reshaping physical security entirely because they intended to move to another location in a few months anyway.” The most important thing, according to her, is to note that although the overall idea of an information security system is independent of type, size or nature
“Normally, organisations don’t just start from the green fields and the idea here is to encourage the ability to reuse all the work that they have done in the past. We want organisations to have to make as little change as possible and as much as necessary.” of the organisation because the standards must be comparable across all organisations that process information, there are yet inclusions specific to certain industries. Addressing the challenges associated with the certification process, Dr Plate says, “I think when it comes to certification, getting management support is one of the major challenges that organisations face. Without management commitment and support the project will not work and if you don’t have that don’t even start.” She also points out that getting certified is not necessarily a hurdle, but maintaining the standards set down by the compliance regulations is. “Organisations are often enthusiastic when registering for certification but they lapse on maintaining the standard requirements. That message is sometimes very difficult to convey. It takes years to maintain these standards,” she explains. According to her, the recently compiled ADSIC standards are not very different from the ISMS standards in that the standards are
a combination of the ISO 27001, ISO 27002 and other sources. “ADSIC and ISMS standards both require risk assessment, risk treatment and control implementation, in that the control guidelines across both these standards are quite similar with some differences. Organisations can get certified across both standards,” she adds. However, the interpretation of these requirements is slightly different across the two compliance standards. “Where ADSIC concentrates on the technical side ISMS concentrates on the managerial side, I think that in the ideal world both should come together,” says Dr Plate. For those interested in getting involved in the process of establishing information security management standards, she informs us that a national committee has recently been formed in the UAE. As per Dr Plate, involvement within the national committee will facilitate involvement in international standardisation. “This committee is managed by aeCERT in collaboration with me,” she says.
AEC brings smart metering solutions It is the fifth consecutive year that the Advanced Electronics Company is making its presence felt at GITEX. A high tech Saudi business, AEC creates solutions suited for local markets including solutions to digitise the utility business. AEC is responsible for digitising electro-mechanical meters in the Diplomatic Quarter in Riyadh using one of its new solutions.
Digitising the meters allows service providers and end-users to access information remotely. It also allows service providers to offer incentives to reduce electricity consumption loads. Dr Khaled Biyari, senior VP and GM stated: “In this region during the summer months, there are three or four hours where maximum electricity is used, increasing the load and creating
huge pressure. Service providers can offer price incentives for example which would encourage a person to use his washing machine in the evening.” Elaborating on AEC’s active participation at GITEX. he said: “There are three main purposes that AEC is here. First, it is a good way to attract new customers. Second, it is an opportunity to meet with our current customers.
She believes that the region follows the same cycle in the adoption of compliance standards and certification as Europe did initially. “It takes time to build the understanding and the knowledge that security is not just a technical solution. So I think the realisation that security certification is needed is still growing in the region, Information Security is a young subject and still needs to grow,” she adds. The Technical Management Board is now working on developing a new compliance standard that focuses on a set of guidelines encompassing all management systems, from quality management to food security management. In Dr Plate’s opinion, “These standards will have an immense impact on the existing management systems, because they will combine all the management systems operating within an organisation. The revisions to the ISO 27001 standards are expected to be complete by 2013 and the ISO 27002 revisions may take just a little longer than that.” She also shed light on a new standard being developed focusing on information security controls for the use of cloud computing services based on the ISO 27002 standard. The standard is currently in the “study period” and progress on it will be based on the decisions at the end of this period.
And third, it is an arena for meeting new partners.” Creating and providing solutions for markets in the region is important to the company. AEC works with multiple partners including Cisco and Oracle and GITEX serves as an ideal networking platform. Dr Biyari commented: “ GITEX has grown so much since its inception, from a couple of halls to a global event. It brings people together and it is an event with a strong local and global presence.