Gaps in new NIS technology innovation complex

Arise, O Compatriots! Nigeria Calls to Obey. The first phrase of our former national anthem is etched in history, symboliSing a call to action for all Nigerians.
Recently, I came across a video online featuring the commissioning of the Bola Ahmed Tinubu Technology Innovation Complex at the Nigerian Immigration Service (NIS) Headquarters in Abuja, showcasing some of the technology facilities on ground including a newly built data center. The initiative is a commendable step toward addressing systemic lapses and reducing corruption, particularly in passport processing.
Nigerians can relate to how arduous obtaining or renewing a passport used to be. From excessive waiting periods to unofficial fees—popularly called “settle”—the system was challenging to navigate. Thanks to reforms introduced by Dr. Olubunmi Tunji-Ojo and the new NIS administration, these difficulties have improved significantly. Today, passport processing has become more efficient, transparent, and accessible.
However, with technological advancement comes a new level of responsibility, especially concerning information security. As an information security analyst, I observed a critical security gap in the video advertising the newly commissioned complex.
The complex was described as “A sophisticated, multibillion-naira project housing some of the most advanced technological security solutions, competing globally while serving as a blueprint for the rest of Africa.”
While this sounds ambitious, my professional analysis reveals significant security flaws that deviate from globally recognized security standards such as ISO/IEC 27001, NIST SP 800-53, and CIS Controls. Co-locating a data center in the same complex as a primary business or advertising its physical location introduces significant vulnerabilities making it as easy target for threat actors.
Let’s break it down against globally recognized security standards and frameworks like ISO/IEC 27001, NIST SP 800-53, and CIS Controls:
- Data Center Location
Risk: Having a data center within the same facility increases exposure to both physical and cyber threats, including natural disasters, insider threats, and targeted attacks.
Framework Alignment:
ISO/IEC 27001 mandates that organizations consider location-specific risks (A.11.1 – Physical Security Perimeter).
NIST SP 800-53 (PE-18) specifies the need for “location diversification” to reduce the impact of a single failure.
Best Practice: Data centers should be in geographically separate, secure facilities to ensure redundancy and disaster recovery.
- Advertising the Data Center
Risk: Publicly disclosing the location of a critical infrastructure makes it an easy target for threat actors.
Framework Alignment: ISO/IEC 27001 recommends maintaining confidentiality for sensitive infrastructure (A.18.1 – Compliance with Security Policies).
CIS Control 14 emphasizes minimizing the attack surface, including exposure to public information.
Best Practice: Limit information about the data center’s location to only authorized personnel with a need-to-know basis.
While the reforms and innovations introduced at the NIS are laudable, there is a pressing need to align the implementation with international best practices for information security. Addressing these critical vulnerabilities will not only enhance the security posture of the NIS but also serve as a true benchmark for Africa and beyond.
Omotoyosi Oduyoye is a Certified Information Systems Auditor (CISA) and Certified in Cyber Cybersecurity (CC) based in Edmonton, Canada.
We have recently deactivated our website's comment provider in favour of other channels of distribution and commentary. We encourage you to join the conversation on our stories via our Facebook, Twitter and other social media pages.
More from Peoples Gazette

Agriculture
FG tasks ECOWAS on leveraging financing strategies for agroecology
The federal government has urged stakeholders in the agriculture and finance sectors in the West Africa region to leverage financing strategies to enhance agroecology practices

Politics
Katsina youths pledge to deliver over 2 million votes to Atiku
“Katsina State is Atiku’s political base because it is his second home.”

States
Three rescued, one body recovered as building collapses in Kano
The Kano State Fire Service has said that one person died and three others were rescued after a building under construction collapsed

NationWide
FG calls for stronger African collaboration to combat illicit wealth, transnational corruption
Mr Fagbemi added that the recovery and transparent management of proceeds of crime remained a key pillar of the country’s anti-corruption policy.

Heading 2
FG reiterates commitment to ensuring safe return of Nigerians from South Africa
“The last evacuation flight, which is expected to bring home approximately 300 of our nationals, is expected to arrive in Nigeria next week,” Mr Ebienfa said.

Education
Nasarawa private schools halt academic activities over multiple taxation
They said the taxes amount to hundreds of thousands of naira annually.

Hot news Home top
No school abduction in Oyo for years until hours after I declared for presidency: Makinde
Mr Makinde slammed critics who said it was his responsibility to secure the release of the abducted victims in the state.

Ibadan
Rehabilitation of Oyo schoolchildren, teachers our priority: Makinde
Mr Makinde commended the security personnel for the rescue of the pupils and teachers, who had been held captive since May 15.





