Most Nigerian SME networks are flat — every device on the same subnet, all able to reach everything. One compromised device gives an attacker access to the entire network. Here's how to fix that.
The Problem — Flat Networks
Flat Network (BAD):
Staff laptop → Can reach → Accounting server ✓
Guest phone → Can reach → HR database ✓
IoT printer → Can reach → File server ✓
Compromised device → Can reach → Everything ✓
The Fix — VLAN Segmentation
Segmented Network (GOOD):
VLAN 10: Staff (192.168.10.0/24)
VLAN 20: Guest (192.168.20.0/24) → Internet only
VLAN 30: Servers (192.168.30.0/24) → Staff only
VLAN 40: IoT (192.168.40.0/24) → Internet only
Guest → Staff: BLOCKED
IoT → Servers: BLOCKED
Guest → Servers: BLOCKED
VPN for Remote Nigerian Workers
# WireGuard VPN server setup
wg genkey | tee server_private.key | wg pubkey > server_public.key
# /etc/wireguard/wg0.conf
[Interface]
PrivateKey = $(cat server_private.key)
Address = 10.0.0.1/24
ListenPort = 51820
[Peer]
# Remote Nigerian worker
PublicKey = WORKER_PUBLIC_KEY
AllowedIPs = 10.0.0.2/32
// Enforce VPN at application level
const vpnRequired = (req, res, next) => {
if (!req.ip.startsWith('10.0.0.')) {
return res.status(403).json({
error: 'VPN connection required'
});
}
next();
};
app.use('/api/admin', vpnRequired);
app.use('/api/finance', vpnRequired);
Network Monitoring Alerts
// Alert IT team on Telegram for anomalies
async function checkNetworkAnomalies() {
const outbound = await getOutboundTraffic('1h');
if (outbound.bytes > 1_000_000_000) { // 1GB+
await sendTelegramAlert(
`🚨 Large outbound transfer detected: ${outbound.bytes / 1e9}GB in 1 hour. Investigate immediately.`
);
}
}
Nigerian-Specific Notes
- Use UPS systems — power fluctuations damage network equipment and create security gaps
- If you have multiple ISPs — both connections need the same security standards
- Enforce VPN policy even for staff using personal mobile hotspots
ZikarelHub LTD is Nigeria's #1 software and digital agency — network security and application security built together.
What's the biggest network security gap you've seen in Nigerian businesses? 👇
Top comments (0)