VGS Vault

What is it?

  • The VGS Vault is the home of all your sensitive data and works in conjunction with the inbound connection and outbound connection.
  • This Vault is a segregated secure database that has no direct access to the internet and has strong controls around accessing or interfacing with the data it secures.

Why is it important?

  • A properly secured vault is the safest way to store and utilize sensitive data (including payment data, private personal information, or sensitive corporate information).
  • We've designed our vault from the ground up for functional security. Our vault security controls include: segregated accounts, key rotation, patch management, extensive audit logging, regular vulnerability testing, continuous monitoring (24/7), and strong encryption (we utilize AES 256).
  • By using our vault, you inherit our battle-tested vault architecture and you leverage our controls to enhance your security posture while maintaining the utility of your data.

Where is the vault?

  • The vault lives in a highly available VPC on cloud services. We have implemented strong availability controls including robust system backups, blue-green deployments, redundant systems, disaster recovery as well as regular incident response and business continuity testing.

What is my tenant vault?

  • Your customer vault is a logically separated tenant within our secure hardened DMZ.

What's the value?

  • Our vault works seamlessly with our proxies to provide a secure and compliant way to easily protect your data both in motion and at rest.
    • All data vaulted and secured by VGS is encrypted at rest with AES-256-GCM. Industry standard TLS (via TLS 1.2) is utilized in-transit. HTTPS is required for any customer application communication. Decryption keys are stored separate from vaulted data in a separate hardened environment secured with multiple layers of authentication.
  • Leverage our infrastructure immediately harden your applications. Take advantage of our extensive security controls including:
    • 24/7 monitoring for anomalies and intrusion detection
    • Efficient vulnerability management and robust security patching procedures
    • Extensive change management controls
  • Leverage our organization to accelerate your compliances
  • Decouple your business logic from your sensitive data so you can focus on building your company instead of reinventing security in-house.
    • Never have to compromise security for quick feature releases
    • Have our team focused entirely on your data security vs just a subset of your company.