Announcements
Oct 15, 2024
Feb 20, 2026
•
4 min read
Security isn’t just a feature — it’s a promise
When you operate in fintech, security is paramount and nonnegotiable. For Carbon, a global financial technology company formerly known as OneFi, protecting customer data is foundational to earning and keeping trust. With teams distributed across multiple countries and cloud environments, Carbon needed a secure, auditable way for employees to access corporate systems remotely — without compromising compliance.
That’s where Access Server came in.
A global fintech company with a high bar for security
Carbon empowers individuals with access to credit, simple payment solutions, high‑yield investment opportunities, and intuitive tools for personal financial management. Headquartered in Lagos, Nigeria, Carbon operates across Nigeria and Ghana with a growing, globally distributed team of 90+ employees (as of February 2026).
Operating in highly regulated financial environments means Carbon must meet strict security and compliance requirements, including PCI DSS standards. Detailed logging, strong access controls, and clear accountability aren’t optional — they’re essential.
As the company expanded internationally and embraced a more agile, remote-first way of working, Carbon needed a remote access solution that could scale with them while reinforcing their commitment to data privacy.
About Carbon
- Industry: Fintech
- Company size: over 90 employees (as of January 2026)
- Headquarters: Lagos, Nigeria
- Operations: Nigeria and Ghana
- Product: Access Server
Carbon provides innovative financial tools that make managing credit, payments, and investments easier and safer for clients across the globe.
The challenge: secure, auditable remote access
With remote employees in multiple countries, Carbon needed a VPN solution that could keep its promise to clients: safeguarding their data.
The solution: Access Server provides flexible, secure, compliance-aligned access
Carbon selected Access Server to provide a flexible, secure remote access solution. They configured User Groups and Access Control Lists so that employee access to network resources aligned with role and accountability, making auditing straightforward.
The built-in Google Authenticator integration was enabled to add an extra layer of identity verification. Access Server was configured to log to Syslog, enabling centralized collection of logs for inspection, audit, and security incident management.
"Before Access Server, we were actually using MikroTik router OS to configure L2TP and SSTP for remote employees," says Olawale Olaleye, former Head of IT & Security at Carbon. "We were also using the Windows VPN configuration. We got to a point where our business became very regulated and we needed to comply with some regulatory bodies. So we decided to come up with a solution, where user access to corporate networks would be properly protected.
"Also we need to hold every user connected to the network accountable. We wanted to see who connects when and what they are doing on the network. So Access Server was the best solution we could find. In particular, because it gives us room to audit what users are doing, when they are connecting, and where they are connecting from.”
Carbon appreciated the flexibility of Access Server to deploy in their own private network across multiple cloud environments, aligning with their agile operational model.
The result: confidence, compliance, and control
With Access Server, Carbon achieved:
-
Secure, auditable remote access for all employees, across multiple countries.
-
Easy monitoring and logging of employee activity to meet regulatory standards.
- Flexible deployment that integrates with multiple cloud environments.
- Confidence in delivering on their commitment to client data privacy.
Watch: why Carbon chose Access Server
Watch this story from former Head of IT & Security, Carbon Olawale Olaleye to see what a difference Access Server has made for Carbon:
Ready to secure remote access for your team?
Access Server gives businesses like Carbon the confidence, control, and compliance needed to protect sensitive data while supporting a distributed workforce.
Explore Access Server today and see how your organization can deliver on its security promises.
