The Federal Government has said that all Nigerian government websites must be hosted in Nigeria.
The mandatory requirement for local hosting of government websites is one of the highlights of standards and guidelines on Nigerian Government Websites by National Information Technology Development Agency (NITDA).
Technology Times review of the guidelines show that government institutions are also to use the .gov.ng domain name strings for their website to ensure uniformity and compliance with best practices in the domain name industry.
“In compliance with the Government Domain Name Policy, all Government Websites must use .gov.ng exclusively”, the rules say.
The relevant provision on local hosting reads that, “The above naming Policy applies to all Government Websites irrespective of where they are hosted. Also based on the extant rules as stipulated in the Regulatory Guidelines for Nigeria Content Development of 2013, all Government Services and Websites must be hosted in Standards and Guidelines for Government Websites in Nigeria.”
The IT regulator says it is reviewing the guidelines to improve “the quality, reliability, accuracy and accessibility of online information pertaining to Government Institutions at all levels of government and to ensure consistent experience for all users.”
Under the guidelines, all government institutions are to ensure that information published on their websites are authentic, reliable and credible.
All websites under Nigerian Government Domain at any level, whether Federal, State and Local Government levels, “must prominently display a strong Nigerian Identity and ownership of Nigerian Government.”
Regarding the visual identity, government websites must adhere to the underlisted standards:
- The National emblem (Nigerian Coat of Arms etc.) should be displayed on the homepage of the websites of all Federal Government Institutions. The use of the National emblem such as the Nigerian Coat of Arms, should be in accordance with the provisions of the Nigerian National Flag and Armorial Ensigns Act of 1962.
- Government Institutions shall display their official logos on the homepage of their respective website to re-enforce their identities.
The homepage and all important entry pages of the website shall display the ownership information, either in the header or footer.
The ownership of the Agency should also be indicated at the bottom of the homepage and all important entry pages of the website. For instance, at the bottom of the homepage, the footer may state the lineage information, in the following manner:
- This Website belongs to National Information Technology Development Agency (NITDA).
- This is the official Website of National Information Technology Development Agency (NITDA).
- This is the official Website of the Ministry of Communications.
Government Institutions shall ensure that all subsequent pages of the website display ownership information in a much simpler form as possible.
All website home pages must be complete and clearly display the name of the respective Government Institution or Service.
All government websites are also to meet the following hosting guidelines:
- All Government websites and their domains shall be hosted in Nigeria (Refer to the Regulatory Guidelines for Nigerian Content Development in ICT – 2013).
- No government Website shall be hosted outside Nigeria unless on the Written Authorization obtained from NITDA.
- Government Web hosting shall aim to ensure the high availability of Websites, Databases, Applications and Services.
- Government web hosting shall provide for secure remote access through secure channels
- Government Institutions shall manage their web hosted applications through a secure management tool that provides control, flexibility and reliability.
- There shall be regular back-ups of all hosted content for the purpose of ensuring business continuity in case of failure.
- Government Institutions shall also develop a comprehensive business continuity and disaster recovery plan.
- Government Institutions shall ensure that Web security strategies are put in place. ix. Government Institutions shall implement real-time event log monitoring for critical security incidents and periodic analysis.
- Mechanisms to monitor security-relevant policies (e.g., authentication, authorization, etc.), activity (e.g., privileged user activity) and applications (e.g., IDS, IPS, firewall, etc.) in real time should also be put in place.