Technology
Avoiding Security Complexities
Many years ago, the firewall was everything. Defence-in depth was a concept defined as layered defence with multiple firewalls on the path.
Behind the firewall was a fortress. Organisations designed networks with strong perimeters and demilitarised zones to ensure the crown jewels were well-protected. Attackers had a difficult time trying to break into the firewalls.
On the physical layer, Network Admission Control (NAC) technologies were implemented to prevent intruders from having direct access into the network by preventing them from plugging unauthorised devices into the network. Before a device was admitted, it had to meet a minimum requirement defined by the organisation.
Those years are gone and maybe gone forever. Cloud computing, Bring Your Own Device (BYOD), Artificial Intelligence, Internet of Things (IoT), VPNs and Remote Working Capabilities have dramatically changed the way businesses run.
These technologies have introduced a level of innovation and disruption that were unimaginable only a few years ago. They have resulted in the collapse of the traditional network perimeter, thereby increasing the attack surface for cyber-attacks. Enterprise networks coverage is today being extended beyond our imagination – outside the traditional datacentres to smartphones, cloud platforms, mobile computers and IoT interfaces without geographical boundaries.
The bad guys now have a plethora of interfaces to launch their attacks on; they do not have to breach the network using traditional social engineering tactics physically.
The recent changes in the work environment occasioned by the COVID-19 have further amplified the extension of network boundaries beyond the traditional datacentres. Employees work from home with devices and connections into the enterprise networks that were not originally designed for such. Improvised connections were made to allow functionality because the pandemic came without announcement.
The danger this poses is that some of these end devices were not originally designed with security in mind. Even if security was a consideration, not so much for enterprise data protection. These devices are most of the time not hardened, and their owners may not understand the effects on the overall organisational security posture.
A handful of these devices are installed with default passwords, and most times, these passwords are not changed during or after installation.
So, it is easy to guess the password by manual methods or using advanced dictionary or brute force attack methods. Another risk posed by these endpoints is the lack of security updates and patches. Because they are sometimes not seen to be part of the enterprise network, they are not included in the patch management programme, and their presence introduces high-level vulnerabilities within the enterprise network.
It then becomes easier to utilise malware that could tunnel through the firewall to breach the enterprise network, instead of spending months and years trying to break into the firewall or layers of firewalls.
In recent years, large-scale attacks have been launched using malware by exploiting known vulnerabilities and security gaps on endpoints.
For example, the WannaCry, Petya and another variant of Petya, the NotPetya were employed to launch attacks on enterprise networks through vulnerable endpoints. Another danger with this trend is potential data leakage because these devices are used to either temporarily or permanently store organisational data.
There is also concern about device loss. If these devices are lost, there is a risk of exposing the organisation’s data to unauthorised entities, and that could both result in financial and reputational damage.
These dangers are also expanded by the impact of the COVID 19 pandemic, where organisations made ad hoc improvisions to support businesses while employees work from home.
As commerce resumes, organisations are beginning to discover some capabilities to support their businesses remotely, and they are also rethinking their business continuity strategies.
For some businesses, this is not just a temporal shift, but a change which has permanently altered the operational procedures of the organisation.
Legacy cybersecurity strategies, techniques and investments will not be enough to mitigate the rising cybersecurity concerns introduced by this new way of working. Protection has gone beyond throwing in uncoordinated technical solutions and efforts.
Organisations need to rethink a new approach for the protection of their assets within the ever-growing complexity both to remain afloat and also to derive commensurate Returns On Security Investments (ROSI). A well-crafted strategy will ensure that cybersecurity efforts are coordinated within the enterprise, without duplication of efforts and resources, which will, in turn, drive down the cost of implementing cybersecurity initiatives.
To improve the security posture, organisations must do the following:
Continuously monitor the devices, applications, and processes running on the network.
Automate security monitoring and mitigation.
Implement systems that are capable of automatic detection, isolation and containment of threats within the network.
Ensure that monitoring covers event data, session data, and historical data on endpoint usages, such as past processes, network connections, and other information.
Another measure organisations should take is reducing complexities. The extension of the network boundaries has not stopped organisations from using existing network solutions to protect the enterprise network.
However, in a bid to ensure the protection of the on-premise infrastructure and the ones beyond the organisational traditional network boundaries, organisations combine existing technologies with new solutions and the resultant effect is an increase in complexity.
To effectively manage security, organisations should put measures in place to ensure a reduction in complexity and enhancing visibility. This can be achieved by unifying all efforts and technologies for managing both on-premise and off-premise infrastructure in a single platform. Beyond technical controls, organisations should develop procedures, standards, and policies for acceptable use of organisational resources.
For further information and engagements on the pcl. cyber security services, send an email to te********@****************ng.net
By Modupe Gbadeyanka
A designed-in-house server known as Nathu La has been launched by a global technology company, Zoho Corporation.
Nathu La is engineered with hardware-rooted security at every layer of the stack. Its indigenous IP-driven approach reduces dependency on external entities for security audits, firmware updates, and licensing continuity.
The solution aligns with open-source software principles and reflects Zoho’s broader commitment to building sustainable, secure, and scalable digital infrastructure. It also supports the growing global focus on digital sovereignty, local innovation ecosystems, and high-performance computing capabilities.
The platform was introduced by the company as part of a pivotal step in its journey towards building its full technology stack, from the hardware layer to software applications.
With Nathu La, Zoho has achieved equivalent performance with 12-18 per cent lower power consumption and 20-30 per cent lower total cost of ownership (TCO), thereby reducing inference costs.
The Nathu La server, comprising Intel® Xeon® 6 processors, was developed collaboratively with Intel, leveraging their enablement capabilities and technical expertise.
The design philosophy behind Nathu La is rooted in the Open Compute Project (OCP), emphasising modularity, thermal efficiency, and ease of maintenance. This enables Zoho’s data centres to significantly reduce total cost of ownership and power consumption.
Zoho plans to host its applications on the Nathu La server platform, enabling the company to optimise the full software-hardware stack for its specific workloads, reduce costs, improve performance, and strengthen data governance for its global customers. This will also help bring down inference costs for Zoho’s AI usage.
The Nathu La server motherboard and chassis platform is the result of five years of R&D across hardware, firmware, and systems management. Based on Intel® Xeon® 6 Processors, the server is designed to optimise performance for virtualisation (VM), High Performance Computing (HPC), AI inference, and storage applications. This results in improved performance of Zoho applications for end users.
The server features customised power delivery subsystems, an in-house DC-SCM (Data Centre Secure Control Module) design, and modular chassis options compatible with diverse end-user environments, offering flexibility across deployment types.
All modular components – including the DC-SCM and NIC (Network Interface Card) – were designed in-house by Zoho’s hardware engineering team and assembled through electronics manufacturing partners, enabling tighter integration and quality control across the platform. Over five patents have been filed covering advanced thermal management and cost-optimised server architecture designs.
“Zoho Corporation has invested in building its own technology stack from the ground up over the last three decades. The Nathu La server launch is in line with that goal.
“With our strategy of using contextual, right-sized models, running on our own platform, on our own servers, in our own data centres, we are compounding the benefits accrued from owning and operating our entire technology stack. This ensures that our solutions are more sustainable and accessible for businesses.
“These long-term R&D investments we are making at every layer of the stack are aimed at delivering customer value,” the Country Head for Zoho Nigeria, Mr Kehinde Ogundare, stated.
In 2020, Zoho established a small R&D team in Nagpur, a Tier 2 town in India, focused on projects such as server design and systems engineering.
Members of the Nathu La R&D team include hires from SETU – short for Students’ Engagement for Transformative Upskilling – an initiative designed to build a pipeline of industry-ready engineers, with a focus on advanced learning in Electronics System Design and Manufacturing (ESDM).
By Adedapo Adesanya
The financial technology arm of MTN is mulling a direct shift into lending after bringing on its parent company, MTN Group, as a major investor to help cushion against losses that have plagued the business.
According to MTN Group Fintech chief executive, Mr Serigne Dioum, the company wants to move beyond helping customers access loans through partners.
He said in markets where regulators allow it, MTN wants to lend directly and use its own balance sheet.
“We’ve expanded access to credit for more people, but we also want to move further up the lending value chain,” Mr Dioum told investors at the company’s capital markets day.
“Where appropriate, we will seek licences that allow us not only to facilitate loans but also to lend directly to customers and deploy our own balance sheet.”
This development is expected to create a shift in its current fintech model which provides financial services, including deposits, payments, transfers and digital wallets to individuals and small businesses via digital and mobile‑based platforms.
The company has applied for Payment Solution Service Provider and Payment Terminal Service Provider licences through MoMo PSB, its Nigerian fintech subsidiary. If approved, the licences would allow MTN to handle more payment processing, build merchant payment tools, deploy and manage POS terminals, and reduce its dependence on third-party processors.
Despite the opportunities present in the credit market, direct lending could give MTN a larger share of revenue, but it would also expose the company to credit risk, regulation and tougher competition with banks and digital lenders.
Mr Dioum said only about 4 per cent to 5 per cent of adults have access to formal credit across the African continent. In Nigeria, the funding problem is especially severe.
A 2025 report by the National Credit Guarantee Company said nearly 80 per cent of Nigerian MSMEs lack access to formal credit, while Stears has estimated the country’s MSME financing gap at about $236 billion.
For traders, small shop owners, transport operators and households, access to small loans can determine whether they restock inventory, pay suppliers, cover emergencies or expand a business.
In April, MTN Nigeria announced that its parent firm, based in South Africa, would acquire a 60 per cent stake in MoMo Payment Service Bank Limited (MoMo PSB) and Y’ello Digital Financial Services (YDFS) Limited.
The fintech units are currently loss-making, and this move will help MTN Nigeria to reduce financial risk and share future losses and investment burden. However, it will still keep a significant minority stake (40 per cent).
By Aduragbemi Omiyale
The reach of the Meta Business Agent is being expanded to Instagram and other platforms of the social media giant.
Meta Business Agent is an artificial intelligence (AI) that allows business owners to attend to customers’ needs with ease.
Customers expect instant responses, but no team can be everywhere at once. This innovation handles such without hassles.
It helps businesses to answer questions specific to the business, makes product recommendations from the catalogue, books appointments, qualifies incoming leads, and closes sales.
More than one million businesses are already using a Meta Business Agent on WhatsApp and Messenger to respond to customers around the clock.
“We’re now expanding our Business Agent to businesses big and small globally, so within minutes you can have yours up and running, responding in your customer’s local language using your tone,” Meta said in a statement.
“We’re also expanding these agents to Instagram since businesses connect with their customers there, too. Businesses can activate their Business Agent here. Getting started with the Business Agent is free. In the coming months, businesses will access the agent through our paid subscription offerings, with options for businesses of every size,” it added.
Meta also stated that it is making it simpler for people to discover businesses powered by a Meta Business Agent directly on WhatsApp. It noted that starting soon, people will be able to find businesses by typing their name in the Search bar, or by sharing their phone number or contact card in chats with friends and family. This way, when more customers reach out, they get a quick, helpful response.
-
Feature/OPED6 years agoDavos was Different this year
-
Travel/Tourism10 years ago
Lagos Seals Western Lodge Hotel In Ikorodu
-
Showbiz3 years agoEstranged Lover Releases Videos of Empress Njamah Bathing
-
Banking8 years agoSort Codes of GTBank Branches in Nigeria
-
Economy3 years agoSubsidy Removal: CNG at N130 Per Litre Cheaper Than Petrol—IPMAN
-
Banking3 years agoSort Codes of UBA Branches in Nigeria
-
Banking3 years agoFirst Bank Announces Planned Downtime
-
Sports3 years agoHighest Paid Nigerian Footballer – How Much Do Nigerian Footballers Earn