case study - currency from the cloud: security & compliance for payment provider
TRANSCRIPT
![Page 1: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/1.jpg)
Currency from the Cloud
Featured Case Study
SECURITY AND COMPLIANCE WINNING CUSTOMERS FOR CLOUD-BASED PAYMENT PROVIDER
![Page 2: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/2.jpg)
@ARMOR | ARMOR.COM | PAGE 2
Security sells. In a world rife of high-profile data
breaches, social-engineering exploits, identity
theft and tech brand damage, strong security is no
longer a nice-to-have option. It’s a business-saving
requirement.
It’s this core reasoning that helps gotoBilling CEO
Steve Roderick differentiate his end-to-end software
payment service in a highly competitive marketplace.
In his eyes, trusting this formula is a critical
component of every business. Sound security
— particularly when properly layered — helps
organizations defend against breach, protect their
brands, ensure compliance and avoid fines.
“Everyone in our industry is concerned about security.
Breaches are everywhere. Merchants and processors
alike are concerned about security,” said Roderick.
“The applications that can deliver good security
infrastructure, along with the processes and procedures,
are the solutions that win end-user clients.”
And that’s how gotoBilling delivers — for healthcare
organizations, service companies, industrial merchants,
utilities and large banks. The Florida-based company
leverages security and compliance, integrated into their
payment application infrastructure by Armor, to help
protect customer accounts payable and
receivable processes.
“We have companies that appreciate the level of detail
we provide — not only in support, but in security,” said
Roderick. “Working with Armor only enhances that.”
Currency from the Cloud SECURITY AND COMPLIANCE WINNING CUSTOMERS FOR CLOUD-BASED PAYMENT PROVIDER
2005
Tampa, Fla.
7
Financial Payments
gotobilling.com
Founded:
Headquarters:
Locations:
Industry:
Website:
@ARMOR | ARMOR.COM | PAGE 2
![Page 3: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/3.jpg)
@ARMOR | ARMOR.COM | PAGE 3
Scaling up-market With this understanding, gotoBilling had a plan. Offer
high-margin prospects a unique, secure and compliant
billing and currency solution that was so versatile that it
met any and every payment need.
“We connected to every credit card processor in the
United States,” explained Roderick. “We’re an ACH
settlement engine. We have mobile apps. We have PCI
secure payment pages. We have online bill pay.
“There’s really not a way that money moves through the
economy that we don’t address within this application.”
The application — powered by a secure, enterprisegrade
cloud managed by Armor — offers gotoBilling
customers elite performance and benefits, and it came
integrated with security management that just wasn’t
available from many trusted vendors. It was more than
price. It was the full package.
“We see this as a cost-efficiency that would be foolish
to try to work around,” he said. “We put numbers to this
and it would cost us more to try to duplicate what is
there. It’d be significantly more.”
Payment VersatilitygotoBilling delivers the entire spectrumof secure payment services.
Email notices
Physical statements
Invoices
Collection letters
Online bill payment
Recurring payments
Face-to-face payment
Mobile applications
Inbound check-imaging
![Page 4: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/4.jpg)
@ARMOR | ARMOR.COM | PAGE 4
‘The cloud is common practice’ Like many organizations, gotoBilling faced
demanding technology decisions that factored in
performance, security, cost and scale. In their early
years, the company spun up their own on-premise
servers to power their solution.
In fact, when the company first launched in the
mid-2000s, some of Roderick’s early tasks were
centered on the technology that just made the
gotoBilling solution possible. Now? The secure
cloud has universal acceptance.
“We were going to companies that didn’t have
high-speed Internet in the building,” Roderick said.
“Today, the cloud is common practice. It’s truly
amazing how fast we came across that tipping
point. Now everyone accepts it.”
“We are able to stand in front of a customer and look them in the eye and say, ‘I know that your data is safe.”
Steve Roderick | CEO, gotoBilling
![Page 5: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/5.jpg)
@ARMOR | ARMOR.COM | PAGE 5
As gotoBilling grew, so did their needs. Performance.
Security. Compliance. Scalability. Versatility. They
needed it all. And then some. From there, Roderick
and his team evaluated the cloud market. Top to
bottom. Then back again.
During this research, Roderick identified four main
pillars that a strong, secure cloud should deliver
consistently: trust in people; commitment to security;
quick provisioning; and uptime and reliablity.
Throughout their nationwide discussions, gotoBilling
found companies with one. Sometimes two.
Rarely three. But all four? It was a challenge.
Ultimately, they selected Armor and were more
than pleased with the results. Three years in, the
service, commitment, security and performance
were all top notch.
But like smart, proactive organizations will do, they
made it a point to evaluate all investments. It was a
deep look inside to see how to improve the business.
“We wanted to know what’s out there,” said Roderick.
“Are we missing anything? Can we find something
that’s better? Less expensive? More secure? What’s
changed in the last three years? You want to do that
from time to time.”
And even though it was an arduous process, the
results were the same. Nothing compared. From
there, gotoBilling continued to grow and expand.
“There’s a proven track record with Armor that would
make it hard for a newcomer to pull us away,” he said.
Even with years of experience leveraging the cloud
to power their application, gotoBilling is still evolving.
To streamline operations, they now employ a highly
advanced hybrid cloud solution that gives them the
flexibility and security required. They reinvest that
money into additional encryption and monitoring
controls to further bolster their security posture.
1. Trust in People
2. Commitment to Security
3. Quick Provisioning
4. Uptime & Reliability
The four-point plan
![Page 6: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/6.jpg)
@ARMOR | ARMOR.COM | PAGE 6
Roderick may not have this level of comfort without the
confidence of his chief technology officer, Jed Danner.
“He’s the one who ultimately makes the decisions
(about the technology),” said Roderick. “He’s very
comfortable with what goes on there and how
everything is organized and structured.”
Danner, who has championed the Armor relationship
from the onset, went a step further. He explained that
when searching for a smart, savvy managed cloud
provider that was also an expert in security and PCI
compliance, the options were limited.
“At the time, PCI wasn’t that well known,” said Danner.
“It was hard communicating what we needed, and why
we needed it, to people who didn’t understand.”
From top-level compliance experts to around-the-cloud
security support, gotoBilling has seen the difference a
specialty vendor can make. As the partnership matured,
so did gotoBilling’s understanding of this
comprehensive value.
“The biggest thing that has really helped us has been
the on-call support and the knowledgeable teams that
are in place. It allows us to get a lot more done without
hiring more people,” said Danner. “That really takes a
lot of work off our shoulders. It saves us quite a bit of
money since we don’t have to have that extra talent in-
house. We just go to Armor.”
Confidence as a service
“It saves us quite a bit of money since we
don’t have to have that extra talent in-house.
We just go to Armor.”
Jed Danner | CTO, gotoBilling
![Page 7: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/7.jpg)
@ARMOR | ARMOR.COM | PAGE 7
Locking down data
Customer data requires the utmost care and protection.
The tipping point for any capable cloud infrastructure is
bound to the design, strategy and implementation by the
vendor.
Bolt it on in pieces as you go? Exploits will be found. But
when a cloud environment is built from the ground up,
with security in mind, the results are exceptional.
“Security is huge. What are you doing for security? What’s
your future security plan?” queries Roderick. “It’s fine to
say where you are now, but where are you going? Armor
has a great plan and even better plans for the future. It’s
evident by the staff.”
Danner, who was in lock-step with Roderick in pushing
for stronger security, echoed the message.
“The actual data security and monitoring services
are where Armor really goes above and beyond
other providers,” he said.
Much like an educated and experienced surgeon with
a scalpel, all that technology is only powerful when
paired with trained expertise and refined processes.
“There’s a commitment to the security level there
that we weren’t seeing at other companies,” said
Roderick. “The big deal is being able to know you
can rely on the folks there watching the system. If
anything goes down, there really are people there
that are immediately on it. In essence, we’ve got a
network employee who works 24/7 who we don’t
have to worry about.”
“The actual data
security and monitoring
services are where
Armor really goes
above and beyond
other providers.”
Jed Danner | CTO, gotoBilling
![Page 8: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/8.jpg)
@ARMOR | ARMOR.COM | PAGE 8
Next-level compliance
But security is only part of the gotoBilling strategy,
which also includes a next-level dedication to
compliance. Most organizations simply employ a
temporary Qualified Security Assessor (QSA) who acts
as a consultant to guide the company through their PCI
audit and, when needed, ensure they remain compliant.
In contrast, gotoBilling employs a staff Internal Security
Assessor (ISA), whose core responsibility is to manage
the company’s compliance posture. They’re the certified
and dedicated liaison between gotoBilling and the PCI
Security Standards Council.
“We take security and compliance serious enough that
we want that person constantly working to see what we
can do better from an application standpoint,”
said Roderick.
This commitment not only satisfies various
compliance requirements, it elevates the
gotoBilling brand.
“Not only do we do this for the application, we
can also show what we do at the facility,” he
said. “Here’s why we chose Armor. Here’s the
architecture of the system that’s been put
together at the facility. Here’s why your data
is going to be safe.
“When you put an ISA and Armor together,
it’s a best-in-class approach that’s very
difficult to duplicate.”
“ We take security and
compliance serious
enough that we want
that person constantly
working to see what we
can do better from an
application standpoint”
Steve Roderick | CEO, gotoBilling
![Page 9: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/9.jpg)
@ARMOR | ARMOR.COM | PAGE 9
Saying it honestly Roderick encapsulated the difference right there. It’s a
team approach to protecting an organization, a brand and
its customers. Success like this isn’t achieved alone.
“I don’t believe there’s anywhere else we could go where
we would feel as secure with our data,” he said. “We are
able to stand in front of a customer and look them in the
eye and say, ‘I know that your data is safe.’
“What we’re doing with our data and our cybersecurity
partner is best-in-class. It doesn’t get better than this.
We can stand in front of anyone and say that honestly.”
“ I don’t believe there’s anywhere else we could go where we would feel as secure with our data. ”
Steve Roderick | CEO, gotoBilling
![Page 10: Case Study - Currency from the Cloud: Security & Compliance for Payment Provider](https://reader031.vdocument.in/reader031/viewer/2022022201/589a5c701a28abc3438b540d/html5/thumbnails/10.jpg)
@ARMOR | ARMOR.COM | PAGE 10
US 2360 Campbell Creek Boulevard, Suite 525, Richardson, Texas 75082 | Phone: +1 877 262 3473
UK 268 Bath Road, Slough, Berkshire SL1 4AX | Phone: +44 800 500 3167
© ARMOR 2016. All rights reserved.