This Vault is a segregated secure database that has no direct access to the internet and has strong controls around accessing or interfacing with the data it secures.
Why is it important?
A properly secured vault is the safest way to store and utilize sensitive data (including payment data, private personal information, or sensitive corporate information).
We've designed our vault from the ground up for functional security. Our vault security controls include: segregated accounts, key rotation, patch management, extensive audit logging, regular vulnerability testing, continuous monitoring (24/7), and strong encryption (we utilize AES 256).
By using our vault, you inherit our battle-tested vault architecture and you leverage our controls to enhance your security posture while maintaining the utility of your data.
Where is the vault?
The vault lives in a highly available VPC on cloud services. We have implemented strong availability controls including robust system backups, blue-green deployments, redundant systems, disaster recovery as well as regular incident response and business continuity testing.
What is my tenant vault?
Your customer vault is a logically separated tenant within our secure hardened DMZ.
What's the value?
Our vault works seamlessly with our proxies to provide a secure and compliant way to easily protect your data both in motion and at rest.
All data vaulted and secured by VGS is encrypted at rest with AES-256-GCM. Industry standard TLS (via TLS 1.2) is utilized in-transit. HTTPS is required for any customer application communication. Decryption keys are stored separate from vaulted data in a separate hardened environment secured with multiple layers of authentication.
Leverage our infrastructure immediately harden your applications. Take advantage of our extensive security controls including:
24/7 monitoring for anomalies and intrusion detection
Efficient vulnerability management and robust security patching procedures
Extensive change management controls
Leverage our organization to accelerate your compliances
Decouple your business logic from your sensitive data so you can focus on building your company instead of reinventing security in-house.
Never have to compromise security for quick feature releases
Have our team focused entirely on your data security vs just a subset of your company.