Blog

Unfortunately for devops teams everywhere, auditors are starting to catch onto how applications are made and deployed rapidly in the cloud. If you're like me, you can remember the first time you fully grasped how overwhelming an audit was about to be. I was handed a 250 row spreadsheet of controls and asked by our compliance team, "do we do these things and could you send screenshots for them?" To make things worse, our legal team preemptively hired a consultant to provide pointless commentary every step of the way. This event drives us to create Control. We want to automate the auditors out of the way, so you can get back to the cool stuff.

VGS has achieved PCI L1 Service Provider certification for the third time! Though most of you reading this blog will go through PCI DSS compliance for merchants, the process is similar enough that sharing a few lessons we have learned along the way should be helpful.

PCI DSS certification is a complex endeavor, whether it’s your first time or whether it has become an annual ritual at your company. However, many important aspects (and challenges) are common to all successful PCI assessments.

When something goes wrong and there isn’t a clear root cause, it can seem impossible to find, understand, and fix the problem. But now with VGS Observability, you can determine when, why, and how an atypical event happened.

There’s no doubt about it: Compliance and data security are expensive, time-consuming, and stressful. And there’s a reason for that.

Traditional methods don’t make it easy for companies to become compliant and protect user data. For crypto startups like Gem or leading marketing platforms like Fivestars, securing customer data security is mandatory – but it’s often cost-prohibitive and distracting.

We are excited to announce two new extraordinary additions to our C-suite team at VGS. Reena Choudhry has joined us as Chief Revenue Officer (CRO) along with Matt Amundson, our new Chief Marketing Officer (CMO).

The basics of card programs as well as how to solve the biggest challenges with the least amount of work, risk, and cost.

Virtual and debit are an essential part of every card program. From complex pricing and risk management to ensuring easy integration into your existing payment infrastructure, there’s a lot to get right when issuing cards.

Penetration Tests, an Introduction

When your business is online, the front door of your business is directly in front of every potential customer. Unfortunately, it’s just as easy for attackers, fraudsters, and anyone who wants to prey on you and your customers to be at your doorstep too. With carefully architected locks and controls, you can make sure that your door only opens for your customers.

Penetration tests, or pen tests, are a critical part of making sure your controls remain as strong as you think they are. Specifically, it is important that your pen tests are conducted by a skilled external firm. And this is true even if your organization has a competent internal security team – even in our case, with a competent and specialized internal security team to support our data security business.

As we brought Payment Optimization to market, we regularly asked ourselves the all-important Why: Why this? Why now?

The short answer is that with the decade of evolution ecommerce has experienced in the last 18 months, firms have rushed to grow their payments functionality and now have the opportunity to tailor that payments ecosystem in innovative ways.

Our #1 most requested integration is live, and you can now link your Slack account to VGS Control.

With the new Slack integration, you can automatically collect and import public Slack channel messages to use for audit evidence when undergoing your SOC 2, ISO or similar assessment.

At VGS, we often get asked by prospective customers about the true costs of PCI. We’ve written about this topic before in broad strokes. Ultimately, the potential costs of PCI non-compliance are catastrophic, both financially and reputationally. But those big numbers can be scary and seem unreal. So let’s put a good summertime analogy to work in explaining how costs arise for two different market players - a small merchant and a SaaS platform with integrated payments.