The General Manager, MDXi Data Centre, a subsidiary of MainOne, Mr. Gbenga Adegbiji, spoke on the European Union General Data Protection Regulation compliance, in this interview captured by Emma Okonji. Excerpts:
With the recent European General Data Protection Regulation (EU GDPR) law compliance and other data domiciliation trends, how do you think this can impact Nigeria?
The rise of data domiciliation policies globally is due to the increasing spate of cybercrime, cyberwarfare, hackers and the like. Data domiciliation is purely a preventative strategy to mitigate cyberattacks. Nigeria and Africa as a whole can be hugely affected because today, most of our critical data is hosted abroad. In Nigeria, for instance, a lot of our sensitive data such as our financial records, citizens’ information and telecoms data are currently not hosted here. Should these data get to the wrong hands, access to the data will be dangerous and this can make us extremely vulnerable to cyber-attacks. Those countries where we host our data will not allow their own data to be hosted outside their shores because they understand the security and economic implications of it. Now that Nigeria has world-class data centre facilities in-country, government should as a matter of urgency, enforce the data domiciliation regulations to ensure we are all protected. I think the push by the lawmakers to enable localisation of data and operations by telecoms operating companies in the country, is in the interest of national security and it is a good start. More than ever, this will foster competitive practices with service quality and eventually price becoming the differentiator. With this policy, more companies will build data centres to serve the demand and this will eventually democratise colocation services. With new technologies such as block chain, cryptocurrency and the internet of things becoming the norm in Nigeria, specialised and edge data centres will evolve, new digital services will also emerge that will further deepen the market. These will ultimately broaden the ecosystem and ultimately create more jobs and business opportunities in the country.
Talking about developing a digital economy, what are the things you think the Nigerian government should focus on?
We should continue to support data residency policies with government taking the lead with the Ministries, Departments and Agencies (MDAs) of government and private sector. Government should also support indigenous players. Sadly, it is only in Nigeria that you have to be advocating for this. Most of the other countries of the world, even some West Africa countries, have these protections entrenched in their laws and will not compromise it for anything. We should begin to emulate more developed countries including China, and most countries in Europe that have data domiciliation laws. We must identify and host critical national data in-country. For example, before the Chinese government allow global players to operate in their country, they are mandated to either construct a manufacturing plant or employ 1000 local staff. They also encourage knowledge transfer and promote local companies who compete with global players. These are conscious efforts by the government to promote their industries and develop their economy. This was the case with Alibaba, Wechat, among others in China, some of which now have annual revenues that are more than the GDP of some countries. Nigerian government should pay serious attention to these developments globally and ensure that best practices are adopted in the country.
MDXi recently achieved the Tier III Certification of Constructed Facilities (TCCF) certification. What is the certification about?
We received the certification following a performance-based evaluation of our data centre infrastructure. It is a test that ensures that every component of the infrastructure is concurrently maintainable and has been installed in accordance with the original certified design documents. For us, because we have built the data centre in accordance with the certified Tier III designs ab-initio, the over 90 different tests and demonstrations validate what we have been doing in the last three years and the achievement of the certification was very seamless. TCCF is a progression from Tier Certification of Design Documents (TCDD) and goes beyond the review of paper designs to rigorous on-site testing to root out discrepancies between the actual installation and design. The multiple certifications of MainOne’s MDXI demonstrate compliance to globally accepted standards on high availability, commitment towards the security and protection of the information assets of the company and its customers and provides assurance of the quality of the data centre’s infrastructure and ability to react to disruptions due to unplanned activities.
MDXI’s 600 rack facility in Lekki is the premier commercial data centre in West Africa built to meet the rapidly growing demand for co-location, managed hosting and cloud services within the region.
So, what exactly were the criteria for achieving the certification?
The two major criteria for Tier III data centre specification are redundancy and concurrent maintainability for all capacity and line equipment including power, cooling and distribution systems. We built the facility in line with the certified designed documents and in some cases, have provided more than what is required because of the understanding of the Nigerian operating environment. So, because of this, we were initially not keen on re-certifying to the TCCF until our customers started requesting. For instance, we already invested significantly in power, with a direct private connection to the national grid through the Eko Electricity Distribution Company, ahead of TCCF. This was a capital investment of hundreds of millions of naira in substation equipment and dedicated power lines, which bypass most of the ‘last-mile’ challenges encountered in electricity distribution in Nigeria. We did this because we knew power alone is a differentiator in data centre operations and possibly the biggest albatross for Direct Connection (DC) operators. With our direct connection to the national grid, we have an average of 22 hours of public power availability per day which translates to operational stability and cost savings for us and our customers.
What does the TCCF mean to you, your customers and of what value is the certification to the Nigerian economy?
Let me say it this way, it is an attestation to the fact we are able to continually provide uninterrupted data centre and cloud services to our customers in the face of planned and unplanned maintenance. It is an endorsement of what we have already known and what we have been delivering since 2015 when we launched MDXi data centre operation in Nigeria. Our facility was designed to these specifications, our design documents were certified to the standards and our construction was purpose built in line with the approved documents and international best practices. Prior to the construction, we also went through numerous design audits to ensure alignment of all applicable international standards and best practices in all areas of the infrastructure. The TCCF is now a reassurance to our existing and prospective customers that we will be able to deliver the services we promised them in all ramifications, no matter the situation. Again, when you add the TCCF to the other data centre certifications which we already have; for instance, the SAP Infrastructure Services license, which certifies that we can run SAP applications and infrastructure; the ISO 27001 which certifies us for information security compliance; the ISO 9001 that certifies us for quality management; and the PCI-DSS certification which places our data centre as the only co-location data centre in Nigeria that can securely process payment card information, you can see that we have done due diligence and ensured compliance with international benchmarks. Being compliant with PCI-DSS means that we are doing our very best to keep customers valuable information safe and secure and out of the hands of people who could use that data in a fraudulent way. It is a global security standard for protecting card data and was created by the world’s biggest card companies; Visa, MasterCard, American Express, Discover and JCB. Not sure any certification is as stringent and detailed as that for card chip data and we already have that. With these certifications and endorsements, MDXi has placed Nigeria on the world map of countries that are prepared for the digital economy and we are happy to be at the forefront of this.
Now that you have TCCF certification, what next?
We will extend our services across West Africa, providing the same services to enterprises, governments and individuals across the region. As you may know, we are currently building our Sagamu Data Centre, to boost information and communications technology (ICT) development in Ogun State and to serve as a disaster recovery option for our existing customers. We will also announce the commencement of our Cote d’Ivoire data centre soon and Ghana should follow almost immediately. Like I said earlier, our objective is to enable the digital ecosystem in the region and we are strongly committed to this.