Business communication

We are in the business of enhancing every experience for customers and employees. We reimagine the way people and business engage and experience by guiding you get out the most out of your business communication. We are experts on PABX Support, supply and Installation, structured Cabling, Audio and video conferencing solutions. Network equipment supply and support including Wireless solutions, CISCO, Avaya, Ruckus etc. We are also in the space of Security solutions cctv access control and others. Our forte in the business communication space mainly focuses on Nortel cs1000, bcm, call pilot, symposium contact center, AVAYA ip office, Communication Manager,Emetrotel, g450 gateways installation, support. Avaya session manger integration between systems using SIP. AVAYA messaging, Avaya Contact Center, Polycom audio and video conferencing..

Data protection and privacy

in particular GDPR (General Data Protection Regulation) and compliance and DPA (Data Protection Act) 2019 of Kenya. We conduct GDPR and DPA act awareness trainings. We also conduct on-site evaluation of the data protection risks associated with your processes or system. We thereafter provide a remediation plan to mitigate those risks.

Incident response activities

With our developed framework and investigations, we apply processes and methods that enables timely, effective response to cyberattacks. This includes, identifying an attack, understanding its severity and prioritizing it, investigating and mitigating the attack, restoring operations, and taking action to ensure it won't recur to the affected entities.

Threat modeling

By applying structured process with these objectives – we identify security requirements, pinpoint security threats and potential vulnerabilities, quantify threat and vulnerability criticality, and prioritize remediation methods.

Hospitality systems

Software is not the core competence of a hotel. However, hiring IT specialists to perform the automation of processes and create an environment for effective management, marketing or sales is too expensive and often unnecessary. There are many solutions on the market, and we will find the ones that work best for your property. From building a 360° software strategy to its implementation and further support - considerable progress is guaranteed with our knowledge and passion for perfection. 30+ years of experience. This is our areas of expertise.

Vulnerability, Risk assessment and management

We review systems and networks that are susceptible to any vulnerabilities. The assessment helps the organization determine security flaws, risk exposure, and assets that are potentially exposed to Cybersecurity breaches.

Defense in depth

We apply a series of security mechanisms and controls thoughtfully layered throughout a computer network to protect the confidentiality, integrity, and availability of the network and the data within. This includes and not limited to, Cloud security management, Endpoint, SIEM, data protection and network security, end user awareness, identity and access cybersecurity management.

Governance, Risk and Compliance

We have experience in managing ISO 27001, NIST and Zero Trust Security Standards. Information security policies, processes, and procedures development. We walk with you through the journey of standards compliance.

IS audit & assurance

We examine and evaluate organization's information technology infrastructure, policies and operations. Through information technology audit, we are also able determine whether IT controls protect corporate assets, ensure data integrity and are aligned with the business's overall goals.

Solution architecture & Engineering

We are in the practice of designing, describing, and managing solution engineering to match it with specific business problems. For example, protecting customer data under GDPR and DPA, is a business-level problem. With our expertise and experience with solution architecture, we go further and defines how those requirements would translate into the way a given software operates.

Penalties non compliance

Not more than KES 5 million or, in the case of an undertaking, not more than 1% of its annual turnover of the preceding financial year, whichever is lower. Individuals will be liable to a fine not exceeding three million shillings or to an imprisonment term not exceeding ten years, or to both

Increased Territorial scope

DPA will apply to all companies processing the personal data of data subjects residing in Kenya, regardless of the company’s location

Explicit & Retractable consent from Data Subject

Must be provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it.

Data Subject’s Rights

Must be provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it.

Breach notification within 72 hours

Notify the Data Commissioner within seventy-two hours of becoming aware of a breach and to the data subject in writing within a reasonably practical period.

Privacy By Design

Now a legal requirement for the consideration and inclusion of data protection from the onset of the designing of systems, rather than a retrospective addition .

Data Inventory

Organizations must maintain a record of processing activities under its responsibility–or, in short, they must keep an inventory of all personal data processed. The inventory must include the multiple types of information, such as the purpose of the processing.

Mandatory Data Protection Officer

Depending on the type of personal data and intensity of processing activities, an organisation may be required to appoint a Data Protection Officer to facilitate the need to demonstrate compliance to the Act.

Legal & compliant

The Data Protection Act (DPA) introduces new requirements and challenges for legal and compliance functions. Organizations will require a Data Protection Officer (DPO) who will have a key role in ensuring compliance. If the DPA is not complied with, organizations will face the heaviest fines yet –up to 1% of the previous year’s turnover. Call to Action A renewed emphasis on organizational accountability will demand proactive robust privacy governance. This will require us to review how we write privacy policies to make these easier to understand and enforce compliance.

Technology

New DPA requirements will mean changes to how technologies are designed and managed. Documented Data Protection Impact Assessments Data Text and technologies that are likely to result in high risk to the rights and freedoms of data subjects.

Call to Action

Security breaches will have to be notified to regulators within 72 hours.
Implementation of new or enhanced data security approaches and incident response procedures.
Privacy Impact Assessment is expected to become commonplace across organizations over the next few years.
The organization will be expected to look more into data masking, pseudonymization and encryption.

Data

Individuals and teams tasked with data and information management will be challenged to provide clearer data storage, journeys, and lineage oversight. Call to Action Having a better grasp of what data is collected and where it is stored will make it easier to comply with (new) data subject rights –rights to have data deleted and to have it ported to other organisations. This will also have an impact on Third Party vendors that entities organisations work with