facebook noscript

Securely Capture Sensitive Data with VGS & Netlify

June 6, 2019
netlify-featured

We’re excited to announce that we’ve partnered with our friends at Netlify to develop an add-on that effortlessly and securely collects data via webforms.

If you are not already familiar with Netlify, they offer developers a global application delivery network that eliminates the need to worry about infrastructure and hosting. Their platform is used by over 500,000 developers and is the foundation for more than 7.5 million websites.

You Can’t Hack What Isn’t There
The add-on focuses on the initial stage of the data lifecycle, i.e. the collection of data. With this simple add-on, you can build forms that ensure no sensitive data ever actually touches your servers. Instead, the data is transformed in real-time before it ever hits your system. VGS provides you an alias and secures the original data in our vault until needed. This drastically reduces your risk exposure and compliance responsibility. In the case of a data breach, your systems won’t be holding anything sensitive, so you are protected from liability.

When you need to use your data again, simply format your payload or API call as you would using the aliased data in place of the real thing. On the outbound route VGS again transforms the aliases back into original values with no code changes required of you or your recipient!

Collect & Protect Any Kind of Data
Some examples of what you can do with the VGS add-on include:

  • Collect credit card data in a PCI-compliant manner
  • Protect personally identifiable information (PII) like SSNs, IDs, etc.
  • Collect & store banking, billing or healthcare information securely
  • Redact function logs
  • Fast-track PCI, SOC2 and other compliance certifications

Instant PCI compliance with VGS & Netlify
Using the VGS Add-On for Netlify to collect and process payments information allows you to instantly inherit Very Good Security’s security posture and PCI compliance. By not handling sensitive data yourself, your systems remain out of compliance scope, and you get the benefit of VGS’ existing certifications. And if you need documentation to demonstrate compliance, VGS can help you provide that, too.

Check out this quick demo video to see the VGS add-on in action:

How does it work?
With the VGS add-on, form data is redacted and aliased in real-time, keeping your systems completely out of compliance scope.

What does this mean?
You shift data liability to VGS, and you're able to rapidly achieve compliances like PCI, SOC2 and more, because the sensitive data never touches your backend, nor is it exposed in the Netlify UI.

How can you securely send the data to third parties?
For revealing and sending your data to third parties, you need to configure your outbound connection in the VGS Dashboard or use one of the pre-defined VGS third party integrations.

How to add VGS to Netlify
If you don't have a Netlify instance yet, you'll need to create and deploy a site it to Netlify. You can get a free account at Netlify then follow these steps:

  1. Install netlify-cli npm install netlify-cli -g
  2. Run netlify addons:create vgs from your website's directory or use our example and follow the README instructions
  3. Run netlify addons:auth vgs, to authenticate to Very Good Security. You'll be prompted to create an account with VGS if don't have one yet. Then you can grant the add-on access to your VGS account.
  4. From there, follow the interactive guide to configure details

Demo Video: Configure & Deploy VGS for Netlify
Here's a video walk-through from our friends at Netlify showing a full demo install and deployment of the VGS add-on for a Netlify site:

Additional Resources
Here are some additional resources to help you get set up:

Final Thoughts
We're excited to help Netlify users take their data collection and security posture to the next level. With this add-on you can quickly and easily achieve compliances such as PCI and SOC2. That means you'll have more time to focus on building your business and can spend less time dealing with security and compliance headaches.

Stay secure, my friends!

Peter-VGS-headshot-square Peter Berg

VP Biz Dev & Strategy

Share

You Might also be interested in...

engineering-default

VGS Collect: Providing Accessibility for Everyone

Anna Kudriasheva June 11, 2019

engineering-default

Styling Secure Form Fields with VGS Collect

Alexandr Florinskiy May 15, 2019

learning-default

Lessons We Learned From Organizing Our 3rd Annual Company Retreat

Christina Monets May 13, 2019