× Business BUSINESS MOTORING SHIPPING & LOGISTICS DR PESA FINANCIAL STANDARD Digital News Videos Health & Science Lifestyle Opinion Education Columnists Moi Cabinets Arts & Culture Fact Check Podcasts E-Paper Lifestyle & Entertainment Nairobian Entertainment Eve Woman Travelog TV Stations KTN Home KTN News BTV KTN Farmers TV Radio Stations Radio Maisha Spice FM Vybez Radio Enterprise VAS E-Learning Digger Classified Jobs Games Crosswords Sudoku The Standard Group Corporate Contact Us Rate Card Vacancies DCX O.M Portal Corporate Email RMS

Saccos at risk for not auditing IT service providers

By Graham Kajilwa | August 18th 2021
Serianu Chief Executive William Makatiani.

Failure by Saccos to audit vendors providing them with back-end technological support is a major risk to members’ investments.

The latest report on the status of cybersecurity among Saccos shows that 52 per cent of these vehicles for saving do audit the vendors.

Only 11 per cent of Saccos documented in the report compiled by Serianu, a cybersecurity and consulting firm, maintain contracts with their vendors. Similarly, just 22 per cent of Saccos conduct an audit on vendors before engaging them.

The report was launched today by Serianu Chief Executive William Makatiani, who noted that Saccos are placing too much trust on vendors. Other loopholes listed include database sharing, password hygiene and remote access to the system.

The report interviewed and surveyed 110 Saccos. Makatiani cited incidents where payment commands are changed before the intended recipient of the money receives.

“You will find the problem to be on the vendors’ side, and especially if they are poorly paid,” he said.

“There are Saccos who let vendors have too much access to their systems. We have people who have let vendors fix everything. With the issue of access, we will always have malicious people around."

Intrasoft International East Africa Chief Executive Wambui Mbesa said due diligence should be undertaken by Saccos before hiring the vendors.

She noted that some Saccos, due to financial constraints, go for the less expensive vendors hence risking their investments and systems.

“Do not engage people in an IT company who do not have any domain expertise in the financial sector,” she said. “Cheap is and can be very expensive. Do not be lured,” she said.

Serianu Chief Operating Officer Joseph Mathenge, who presented the report, said some Saccos were now investing more in cyber security. ”More than 30 per cent of attacks involve vendors,” he said.  

Share this story
Digital educators champion STEM training
One of the biggest concerns from human resource practitioners in recent years has been on 'half baked' graduates hitting the job market.
Dog walking becomes the newest hustle in town
Dog walking is now a status symbol. Owning a pet is cool. I nowadays meet lots of Kenyans and foreigners walking their dogs and some running.