Episode 29 | Why information security is critical to every software business

PayFAQ: The Embedded Payments Podcast

English - November 14, 2023 16:00 - 12 minutes - 8.6 MB - ★★★★★ - 2 ratings


Jack Tsigankov, Payrix Information Security Director, really knows how to put things in perspective when it comes to data and information security.

As our guest on this episode of the PayFAQ Embedded Payments podcast, he tells host Bob Butler that cyber threats and attacks are constantly happening across merchants and the financial industry. In 2022 alone, there were around 1,800 publicly reported data breaches, a 40% increase from 2021, with an all-time high average cost of over $4,000,000.

“Data and information security are not just important, but absolutely critical for our partners in the payments industry,” he says. Staying vigilant and proactive and safeguarding sensitive information is imperative for all software companies with Embedded Payments.

The leading causes of data breaches often include human error, according to Tsigankov. To prevent them, it’s crucial to implement a multi-layered security approach involving employee training and awareness programs, robust access controls, regular software updates, strong encryption methods for databases and applications, and continuous monitoring for suspicious activities.

He also recommends that security audits and penetration testing, as well as the top 10 security controls, be part of a software company’s robust information security policy. In addition, he suggests using tools like BigFix or Automox that help companies automatically push updates to end users’ machines.

With a company’s credibility, trust, and success on the line, the significance of information security cannot be overstated. “Follow the best industry practices. Pick one framework, like PCI DSS or NIST, and implement their best practices in your ecosystem. By sticking to those practices, you shouldn't have any data breaches or vulnerabilities in the future.”

Don’t miss this informative conversation to learn more about what you can do to protect your payments data and what Payrix does to help protect you.