Trust Center

Start your security review
View & download sensitive information
Search items

Overview

Very Good Security (VGS) offers a “white-label” tokenization service to service providers that allows their downstream ecommerce merchants and/or service providers to direct all credit card entries to the VGS payment gateway and tokenization services.

This page provides an overview of our security program. We have dedicated security staff, including a Chief Security Officer and Certified Information Systems Security Professionals.

Have any questions, suggestions, problems?

Contact us: Email: support@verygoodsecurity.com Online: https://support.verygoodsecurity.com

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
PCI DSS Logo
PCI DSS
Privacy Shield Logo
Privacy Shield
SOC 2 Logo
SOC 2
Start your security review
View & download sensitive information
Network Diagram
Other Reports
Pentest Report
SOC 2 Report
PCI DSS
SOC 2
VSA Full
Cyber Insurance
Business Continuity Policy
General Incident Response Policy
Information Security Policy

Risk Profile

Data Access LevelRestricted
Impact LevelSevere
Critical DependenceYes
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Network Diagram
Other Reports
Pentest Report
View more

Data Security

Access Monitoring
Backups Enabled
Encryption-at-rest
View more

App Security

Responsible Disclosure
Code Analysis
Software Development Lifecycle
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
BC/DR
Infrastructure Security
View more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management
View more

Network Security

Firewall
IDS/IPS
Security Information and Event Management
View more

Corporate Security

Employee Training
Incident Response
Internal Assessments
View more

Security Grades

Qualys SSL Labs
Main Site
A
VGS Dashboard
A+

Trust Center Updates

Very Good Security's Response to the Reported Okta Breach

IncidentsCopy link

Very Good Security is aware of the reported breach at Okta, tied to Okta support user access. While we use Okta for single sign-on (SSO) integrations with our internal applications, we have confirmed that we do not have Okta support access enabled within our environment. As an additional precaution, we have reviewed our logs for the last 90 days, and have not observed any evidence of malicious or unauthorized activities. We have not received any notification from Okta, and have reached out to their security and account teams. As this is a fluid situation, we will continue to monitor for any new developments from Okta, and will update the status here if anything changes for our environment.

Published at N/A
Powered bySafeBase Logo