Case Study: Carbon

Deliver On Your Security Promise to Customers

Carbon, previously known as OneFi, is a fin-tech company that empowers individuals with access to credit, simple payment solutions, high-yield investment opportunities, and easy-to-use tools for personal financial management. Carbon is headquartered in Lagos, Nigeria and is a global company of over 40 employees with operations in Ghana, South Africa, the United Kingdom, and Portugal.

The Challenge

Carbon was in need of a remote access solution to their corporate network. Because they are in the financial services industry, their remote access solution needed to be extremely secure, and able to meet PCI DSS compliance requirements in terms of detailed logging, auditing, and access controls. Countless people trust Carbon with their most sensitive financial information — and Carbon promises each and every one of them that their data will be kept safe. That’s why Carbon started looking for a VPN service that would allow the company to keep its promise to its clients.

Our Solution

Carbon chose OpenVPN Access Server to provide the remote access VPN solution. They configured Access Server with User Groups and corresponding Access Control List such that the access to network resources and systems would be in line with the employee’s role and accountability. This makes auditing access rights for all employees belonging to the User Group quite straightforward. As a further check on identity, the built-in Google Authenticator integration was turned ON. Access Server can be set to log to Syslog so that all logs can be collected and maintained centrally for inspection, audit, and security incident management. With OpenVPN Access Server, Carbon found an economical remote access solution that met the rigors of fin-tech standards — and allows them to keep their security promises to their clients.

Further Reading

Case Study: BullyingCanada

“If security is important to you and you need an easy to use way to connect your workforce, OpenVPN is the partner you’re looking for.”

Case Study: Hart BR

The company needed a better way to securely share access to its Communication Server with its clients — that was easier to set up, use, and configure, while delivering the must-have privacy and security for their confidential work.

Case Study: HVAC Elements Group

The company needed to provide secure access over the Public Internet to important internal resources — but the number of employees needing remote access had grown substantially, and their existing process of whitelisting IP addresses was no longer sustainable.

Case Study: CranstonIT

The company previously used VPNs associated with their clients firewalls, but found that those solutions were often difficult to configure, and challenging to integrate with other directory services that they wanted to use with their clients.