facebook noscript

Securely Capture Sensitive Data with VGS & Netlify

June 6, 2019
Netlify and VGS logos for hero image

We’re excited to announce that we’ve partnered with our friends at Netlify to develop an add-on that effortlessly and securely collects data via webforms.

If you are not already familiar with Netlify, they offer developers a global application delivery network that eliminates the need to worry about infrastructure and hosting. Their platform is used by over 500,000 developers and is the foundation for more than 7.5 million websites.

You Can’t Hack What Isn’t There
The add-on focuses on the initial stage of the data lifecycle, i.e. the collection of data. With this simple add-on, you can build forms that ensure no sensitive data ever actually touches your servers. Instead, the data is transformed in real-time before it ever hits your system. VGS provides you an alias and secures the original data in our vault until needed. This drastically reduces your risk exposure and compliance responsibility. In the case of a data breach, your systems won’t be holding anything sensitive, so you are protected from liability.

When you need to use your data again, simply format your payload or API call as you would using the aliased data in place of the real thing. On the outbound route VGS again transforms the aliases back into original values with no code changes required of you or your recipient!

Collect & Protect Any Kind of Data
Some examples of what you can do with the VGS add-on include:

  • Collect credit card data in a PCI-compliant manner
  • Protect personally identifiable information (PII) like SSNs, IDs, etc.
  • Collect & store banking, billing or healthcare information securely
  • Redact function logs
  • Fast-track PCI, SOC2 and other compliance certifications

Instant PCI compliance with VGS & Netlify
Using the VGS Add-On for Netlify to collect and process payments information allows you to instantly inherit Very Good Security’s security posture and PCI compliance. By not handling sensitive data yourself, your systems remain out of compliance scope, and you get the benefit of VGS’ existing certifications. And if you need documentation to demonstrate compliance, VGS can help you provide that, too.

Check out this quick demo video to see the VGS add-on in action:

How does it work?
With the VGS add-on, form data is redacted and aliased in real-time, keeping your systems completely out of compliance scope.

What does this mean?
You shift data liability to VGS, and you're able to rapidly achieve compliances like PCI, SOC2 and more, because the sensitive data never touches your backend, nor is it exposed in the Netlify UI.

How can you securely send the data to third parties?
For revealing and sending your data to third parties, you need to configure your outbound connection in the VGS Dashboard or use one of the pre-defined VGS third party integrations.

How to add VGS to Netlify
If you don't have a Netlify instance yet, you'll need to create and deploy a site it to Netlify. You can get a free account at Netlify then follow these steps:

  1. Install netlify-cli npm install netlify-cli -g
  2. Run netlify addons:create vgs from your website's directory or use our example and follow the README instructions
  3. Run netlify addons:auth vgs, to authenticate to Very Good Security. You'll be prompted to create an account with VGS if don't have one yet. Then you can grant the add-on access to your VGS account.
  4. From there, follow the interactive guide to configure details

Demo Video: Configure & Deploy VGS for Netlify
Here's a video walk-through from our friends at Netlify showing a full demo install and deployment of the VGS add-on for a Netlify site:

Additional Resources
Here are some additional resources to help you get set up:

Final Thoughts
We're excited to help Netlify users take their data collection and security posture to the next level. With this add-on you can quickly and easily achieve compliances such as PCI and SOC2. That means you'll have more time to focus on building your business and can spend less time dealing with security and compliance headaches.

Stay secure, my friends!

Peter-VGS-headshot-square Peter Berg

VP Biz Dev & Strategy

Share

You Might also be interested in...

web-accessibility-vgs-collect

VGS Collect: Providing Accessibility for Everyone

“The power of the Web is in its universality. Access by everyone regardless of disability is an essential aspect.” - Tim Berners-Lee, Inventor of the World Wide Web

We’re excited to announce some improvements we have made to the accessibility of VGS Collect. But first some background on the topic of accessibility.

Anna Kudriasheva June 11, 2019

secure forms style

Styling Secure Form Fields with VGS Collect

Design is the first thing a customer will notice when they visit your website. A beautiful design is not only attractive to the visitor, but it makes your business look more legitimate. As you build and improve your website, it is important that third-party UI elements work well with, and look similar to, your own user interface. To make the building and programming process easier, here at VGS we put in work to make our forms as flexible and user-friendly as possible for you.

Alexandr Florinskiy May 15, 2019

vgs fiesta 1

Lessons We Learned From Organizing Our 3rd Annual Company Retreat

It was just another Monday morning. Our engineering teams were getting ready for their standup meetings, the sales team was going through the customer priority list, and HR was checking the schedule of performance reviews and promotions for the week ahead. The sun was shining brightly (what a difference after the record rains in SF in February!), well the Spanish sun kinda always shines brighter.

It was just another Monday morning. The only thing that was different. We were all in the same room.

Christina Monets May 13, 2019