Amid heightened expectations that the Central Bank of Nigeria (CBN) would commence further issuance of mobile payment licences to prospective companies in June, some operators have begun intense lobbying to ensure that they acquire the requisite licences to provide Mobile Money Transfer and Payment (MMTP) services to the Nigerian populace.
In January, Abayomi Atoloye, acting director, banking operations, CBN, had disclosed that m-payment system would take-off in the country by middle of the year. He said that CBN had received many applications for license to operate m-payment in Nigeria, further adding that the apex bank had set up a policy and oversight unit with the mandate to ensure compliance and recommend modalities for approval of license.
At the forefront, the companies in line for the licenses include: Mobile Media Info Tech Limited (MMIT) led by Jide Akindele; Eartholuem Networks promoted by Bola Adeyinka and Peter Afam Emeleogu; Tagattitude Nigeria led by Femi Akinware; Mtec Communications, a mobile value added services company listed on the Nigerian Stock Exchange (NSE); TXTPAY, Easipay, UBA and GTBank.
Others are Ingres Quality Rollout, a specialised telecom/information technology (IT) service delivery and infrastructure development consulting firm led by Chidiebere Anosike; Pagatech piloted by team of Jay Alabraba, Tayo Oviosu, Aisha Bello and Phillip Uwamurogie as well as Celltrust which is based in Abuja and has Samuel Ucheagha managing its operations.
The Tide learnt that each licensee must meet CBN’s conditions including having minimum paid up capital of N500 million. It was further gathered that some prospective players would be granted provisional approval in June to commence pilot projects to enable the CBN appraise the efficacy of the system using international best practices and standards.
When the services are rolled out, m-payment would radically transform the manner by which Nigerians make payments for their business transactions with the mobile phone expected to be deployed as the main platform for payments. In addition, with only 22 million bank accounts and less than 10,000 bank branches to cater for 140 million people, m-payments would indeed reach over 80 million mobile subscribers. This would also include people without access to formal financial services in urban and rural areas.
It would be recalled that MoneyBoxAfrica, a mobile savings and payment platform, became the first M–payment licensee in the country in 2009 but is yet to activate the licence. It was however not apparent which m-payment provider would scale through as at press time but there are strong signals that financial institutions would obtain a better share of it.
From all indications, telecom companies have been relegated to the sidelines. Some industry analysts have argued that the CBN’s m-payment guideline favours financial institutions rather than Mobile Network Operators (MNO) in terms of model adoption for service deployment. They further stated that the fear of domination of the sub-sector by MNOs may be responsible for the apex bank’s action.
How to improve PC aim in Warzone
When playing a multiplayer game, accuracy and speed are crucial, especially if you are playing a ranked match. Read on.
Whether you are a Warzone veteran or a fresh-faced recruit who badly wants to improve his KDA, we have tips that might be useful for you. The Battle Royale is incredibly competitive, and even the best players may struggle to win. While picking loadouts and meta weapons may help in the department of damage, they will not prove to be helpful if you do not level up the play’s other aspects.
An area that is important to the performance of any FPD player is their ability to break into targets with the deadliest precision. Whether you are a dedicated console enthusiast or a stalwart PC player, you will want to upgrade your win rate in Warzone. So, let us help you with all the tips to improve your aims.
Reduce the sensitivity of your mouse
Warzone has a very fast-paced nature. You may feel tempted to play with higher sensitivity as you will zap onto other players within seconds. But, playing with higher sensitivities can make you more frustrated when it comes to landing those vital bodies and headshots.
According to the Warzone Hacks, try to lower your sensitivity value to a degree where you can knock off targets without overshooting. Switching to low controller/mouse sensitivity enables you to be a lot more accurate with shots. You can take down your foes with oodles of lease.
Lower the mouse’s DPI
When it comes to managing the Warzone sensitivity, PC users have more control as they can lessen the DPI (dots per inch) linearly. If the mouse has no dedicated settings application, you can go ahead with DPI configuration via the Window Settings’ Devices panel. After identifying the DPI settings of the mouse, adjust it to a lower value.
Pro FPS players configure a value of 800 DPI for their mouse and play with lesser sensitivity in-game. Pro players may use these settings, but that does not mean you have to copy them. Experiment with the DPI values and stick to the one that suits you perfectly. If lower sensitivities are troubling you, then try to lower the current settings gradually.
Aim at the height of the head
One lethal tool of Warzone is the headshot multiplier. It helps to kill quicker too. As an outcome, try to keep the gum targeted roughly where the head of the target is. Anybody reading this blog who has played Rainbow Six Siege, PUBG, Valorant, or CS GO will understand how valid this suggestion is.
Remember that the top FPS players stay ahead because they combine their fantastic knowledge and excellent aim in the game. These two things give them aimbot-like reflexes. Thus, use this technique so that you can take down your foes before they get time to react.
Download aim trainer
If you play Warzone on your PC, then the option of aim trainer will be available to you. This aim training software improves your aim significantly, but you have to maintain your patience levels high. Before you drop into Verdansk, warm up a little and take down the AI targets.
Use Correct Sight
Warzone features a wide array of optics for every gun. Hence, selecting the one for a task could be a challenge. Remember, there are just a handful of them that can be used. Some sights fall short because of high magnification, vision-impairing bulk, and lengthy ADS time. Thus, we recommend kitting the gun with blue-dot Holo Sight or VLK optic. Both these sights will offer you the most transparent image when taking the head or chest shots.
Do not have tunnel vision
While holding the angles can be advantageous, it can also cause a quick death if you are careless. Watching a map’s single side or screen may feel tempting, especially if you have spotted something in peripheral vision. However, if you found nothing even after scouting the location for movements, we suggest checking the surroundings.
When aiming in Warzone from the PC, keep the chair’s height relative to the desk’s height. A lower or higher height will disturb your arm, and your aim may also suffer because of that. So, warm up before a match so that you can aim better.
AWS Security Audit: Things To Keep In Mind, Checklist, and Tools
AWS security audits are important for any organization looking to assess its IT Security. AWS security audits involve both a technical and non-technical review of all major systems, networks, databases and applications. The audit also includes an assessment of the organization’s risk tolerance level in order to prioritize remediation efforts.
AWS security auditing is also essential when it comes time to ensure compliance with industry standards like HIPAA (Health Insurance Portability & Accountability Act), PCI DSS (Payment Card Industry Data Security Standard) and ISO 27001/27002 (International Organization for Standardization Security Standards, ISO 27001 specifically.
This blog post will provide you with some tips on things to keep in mind, a checklist, and tools and processes that your company can use for performing security audits on your AWS environments.
5 Things to keep in mind during security audit for your AWS
- Security assessment of the existing environment.
- Security assessment for new/future services and products.
- Review AWS managed security service (ex. IAM, encryption) availability, performance & capacity limits.
- Security assessments at the application layer include web applications servers like Apache or Nginx running on ECWs and databases like MySQL or Oracle Database running in RDS instances.
- Security audits for any other technologies that are used by your organization can be performed as well.
- You should also ensure network segmentation between cloud resources and create a secure baseline configuration with an eye toward best practices around networking, operating systems deployment processes, patching processes, monitoring tools, etc.
A security assessment is not a single snapshot of the environment. It’s an ongoing process that enables continuous monitoring, discovery and improvement by identifying vulnerabilities, threats or exposures to assets before they become issues.
AWS security audit checklist
- Perform risk assessments in order to understand the business impact/criticality of assets being reviewed.
- Perform AWS penetration testing to discover potential vulnerabilities and misconfiguration issues in your AWS environment
- Identify current controls & their effectiveness/scope – e.g., existing access control lists (ACLs) around VPC subnets or network ACL rules controlling traffic between ECWs.
- Ensure PCI DSS compliance checklist is completed by third-party service providers who manage payment card information data.
- Determine if AWS managed services meet data protection requirements as outlined in the ISO 27001 and 27002 standards.
- Identify data flows, compute usage and potential attack vectors.
- Conduct a network penetration test to identify possible security vulnerabilities that could be exploited by an attacker to gain access into your AWS environment.
- Review configuration management dashboards for all servers/networks/applications and ensure configurations are set correctly (e.g., SSL certificates with right expiration date) – third-party tools like CloudSploit can help here.
- Ensure you understand what is happening on the wire where it counts: between ECWs, RDS instances or across VPCs (VPC peering etc.) – NetFlow logs from EBS volumes or Elastic Network Interfaces (ENIs) can be helpful here.
- Monitor network activity and look for anomalies – e.g., unusual traffic flows coming from an ECW to a known bad actor IP address or application-level data exfiltration attempts.
- Review AWS CloudTrail logs to see who is trying to access what, when they are doing it, where the requests are originating from/going to etc.
- Create alerts on security metrics that show abnormal behaviour (e.g., increase in failed login attempts into RDS instances). These patterns should then be cross-referenced with other sources of information like VPC flow logs or network ACLs & firewall rules around subnets.
AWS security audit tools
1) AWS Security Hub
This new service is a centralised location to monitor, track and act on all security-related events for your AWS environment. This includes notifications about third-party configuration issues with services like Elastic Load Balancing or Amazon API Gateway as well as vulnerabilities in other software packages running within ECWs (e.g., Apache Struts). Other data sources include the following: VPC flow logs, CloudTrail event histories, network ACLs/firewall rules around subnets etc. Run automated remediation tasks directly from this console when required too!
2) CloudWatch Events
Get notified via email & Slack of critical changes to your systems that require immediate attention – e.g., an administrator has just deleted an important ECW or security group.
3) CloudFront Access Logs
Get notified via email & Slack of unauthorised access to your SaaS services – e.g., someone has just launched a DDoS attack against one of the databases hosted on an RDS instance!
4) AWS Config Rules
Periodically check that all CloudWatch alarms for metrics like “CPU usage” and “free EBS volume space” are working as expected. Automatically remediate if they’re not (e.g., launch another ECW, increase alarm thresholds etc.)! Or simply use Amazon Inspector which will do this for you automatically (see below).
5) Amazon Inspector
This service provides deep insights into what’s running within any given AWS environment – including any vulnerable software packages or misconfigurations that could lead to a security breach.
6) Amazon Macie
This service uses machine learning and big-data techniques to automatically discover, classify & protect sensitive data stored within your AWS environment – e.g., PHI/PII data belonging to customers (e.g., Social Security Numbers). It can help you meet compliance requirements outlined by industry standards like HIPAA, PCI DSS etc..
7) AWS Config Rules
This new feature allows you to validate configuration settings across all ECWs in an AWS account for services like Amazon SNS/Kinesis/DynamoDB and resolve issues before they affect production environments (e.g., workflows executed against the affected resources will fail if rules are violated).
Each of the above services/tools should be used to help you continuously improve your AWS security posture – by allowing you to identify & fix configuration errors before they affect production environments. If one service isn’t sufficient enough, simply use two or more in conjunction with each other!
If you want to be sure that your organization is safe from hackers, then it’s important to do an AWS security audit. A lot of companies are now realizing the importance of this and have been doing these audits as a precautionary measure. In today’s world where technology has taken over our lives, we need to make sure that we don’t make any mistakes with data security because there will always be someone looking for vulnerabilities in order to exploit them. So, keep your business safe!
6 Steps to Ensure WordPress Security
Here are a couple of strategies you can follow to enhance WordPress security.
- Secure your hosting platform
Your host needs to follow certain approved security practices from its side to ensure that your site isn’t placed in any compromising situations. Along with this, it is ideal that you possess enough technical knowledge to understand and make informed decisions regarding ramping up of security.
Server hardening is the key to maintaining rigid security levels. Here, multiple layers of hardware and software security measures are required to improve the IT infrastructure handling the WordPress site and allow it to defend against all kinds of threats. This means the latest operating system (OS) and security software that’s tested for malware and scanned for vulnerabilities.
We’re also looking at efficient firewall systems, systems that can detect intrusions, and software that is strong enough to protect the site even when WordPress is being installed or constructed. Always make sure that all such software and the hosting platform itself is compatible with the latest database management systems for maximum security and performance.
The right levels of configuration for the system will be based on secure networking and file transfer encryption protocol (SFTP instead of FTP) to barricade sensitive content from prying eyes.
- Username and Password
This is a repetitive instruction, and yet, frequently violated despite being one of the simplest and most effective ways to strengthen your WordPress site security. Complexity is your friend and the hacker’s enemy. Google has facilities like ‘Strong Password Generator’ that can be used for this purpose, although there is some criticism regarding its security against brute force attacks.
An important provision for using – and remembering – such complex login credentials is storing them in secure channels i.e, password managers. You can either store them online or in a locally encrypted database on the computer. Also, create a unique WordPress username after deleting the default ‘admin’ user (if this exists) – do this by adding a new user under ‘Users’ in the dashboard and then provide it the ‘Administrator’ credentials. Remember to choose ‘attribute all content to’ when deleting the default user and choose your new user for changing the author of the posts on the site.
- Keep updating
WordPress security hardening is synonymous with updates – be it WordPress or the extensions such as themes and plugins used. Updates always include important security fixes, enhancements, and bug fixes, making it necessary. 55.9% of hacking attempts generate from backdoors established in outdated versions or extensions.
Only install trusted plugins, especially those under ‘trusted’ and ‘featured’ categories; you can also download it directly from WordPress’ official repository. Make it a point to limit the nulled WordPress plugins and themes installed on your site as well.
- Lock down the WordPress admin access
There is the contrast of being widely available for your customers while being as obscure as possible in terms of admin access. This also makes it difficult for them to find backdoors for entry. Two ways of doing this is limiting login attempts and changing the default wp-admin login URL. There are free plugins that allow you to take both of these measures such as lockout durations, IP blacklisting or whitelisting, login attempts, etc. Keep a tap of your Google webmaster security tab for any issues too.
Add basic HTTP authentication – you can lockdown your admin using this method as well. Using this on membership or ecommerce sites might not be optimal, but it is a good measure against bots targeting the site.
If you’re using a cPanel host, you can also enable the password-protected directories from the control panel manually.
- Utilize the 2-factor authentication process
To cover for the risk of being discovered in terms of login credentials, we have the 2-factor authentication process which could be as a one-time password (OTP), SMS, or captcha.
- Use HTTPS for encrypted connections – SSL certification
Installing an SSL certificate and running your site on HTTPS is another simple way to ensure basic security at very little costs and maximum benefits. It allows your browser or web application to securely connect with another website and is useful regardless of whether you accept credit card information. Beyond added security, you also get improved SEO rankings from search engines like Google, and can bypass security warnings from Google Chrome, building trust and credibility with your visitors.
These are a few steps with which you can improve security of your WordPress site – for more efficient methods and minimal effort from your side, check out Astra Security!
News4 days ago
NASS Begins Amendment Of Extradition Act
Nation4 days ago
Group Seeks Media Support To Combat Human Trafficking
Maritime1 day ago
UN Wants Nations, Partners To Tackle Piracy At GOG
Opinion1 day ago
16 Days Of Activism Against Gender-Based Violence
News1 day ago
Amaechi, Cole’s Plot To Plunder Rivers Resources Again Won’t Work, Wike Vows …Pledges To Continue Executing Projects Till May 29, 2023
News4 days ago
34 States Domesticate Child Rights Act
Sports4 days ago
Kanu, Amokachi Preach Grassroots Sports Dev
Education1 day ago
Kwara Govt Re-Opens College Of Education