At Payt, every month is Cyber Security Month

Illustration of a man standing next to a computer with finance analytics

This October, the European Union is organising Cyber Security Month for the tenth time. As part of it, all kinds of activities and campaigns are taking place, but it is also an ideal opportunity to draw attention to the measures Payt takes to protect your data. Payt constantly works with privacy-sensitive information. After all, to properly run the debtor process, we need (personal) data from both the debtor and creditor. Moreover, through an iDEAL link, we ensure that payments can be made easily, which means we have digital access to customers’ and users’ bank details. If you work with such privacy-sensitive information within an online platform, you want to make sure your platform’s security is up to scratch. We review a number of angles.

Secure software

If you want to keep up with the needs in the market, you will have to constantly adapt the software. We only take new functionality into use once at least two colleagues have given their approval and a number of automated tests have been completed. Security plays a role in every step. But the customer organisation also influences security. Payt offers the option - and recommends - making two-factor authentication (2FA) mandatory, so that in addition to username and password, an additional code or attribute is required to access data.

Secure Infrastructure

The Payt application is offered from servers in a data centre of AWS, one of the largest providers in this field. Naturally, all data is located in Europe. Encryption takes place on the data traffic. There is protection against malware, such as viruses and ransomware, and the data is backed up. And all kinds of components are duplicated so that availability is optimal - and as agreed. All measures you would expect in this industry. Yet to leave nothing to chance, every year we ask a specialised company to subject the Payt application and infrastructure to a so-called penetration test. They look for vulnerabilities and try to exploit them. Payt is further sympathetic to the concept of ethical hacking and appreciates it when - responsibly - vulnerabilities in our software are reported. If anyone finds a vulnerability in one of our systems, we would like to hear about it. This enables us to take measures as quickly as possible. If it turns out to be a justified report, we offer a reward (bug bounty) in return. This cooperation helps us to protect our customers and our systems even better.

External supervision

But even if we ourselves think we have it right, it is also important to have it assessed objectively. That is why Payt has the above measures, and the management system that ensures that the measures remain effective and appropriate, audited every year by a certification body that does so under the supervision of the Dutch Accreditation Council. Then our performance is measured against two recognised standards, namely ISO27001 (the global standard for information security), and NEN7510 (for healthcare information security in the Netherlands). Payt has held such certificates since 2016.

Continuous improvement

In the security world, you are never done. After all, what is secure today doesn’t have to be tomorrow. Therefore, internally at Payt, we are always keen on improvements and therefore analyse incoming signals from partners, suppliers and peers, as well as results of risk assessments, audits and controls. This can then lead to adjustments in policy, or other technical measures, or renewed attention to phishing mails, for example.

And so at Payt, every month is Cyber Security Month.

Tags:
ad
Written by Ad van 't Hoenderdal LinkedIn profile
Ad van 't Hoenderdal is Security Manager & Internal Auditor at Payt. He ensures that Payt's systems and information are secured and the right certifications are implemented. He also does the audits for Payt.

Share this article

Related articles

Payt 10 years logo
My colleagues also contribute to the pleasant, informal working atmosphere at Payt. We have a great team that collectively delivers a quality product, and that sense of togetherness is nurtured by Payt - Vincent van der Zee, Developer
I have been part of the development team at Payt as a front-end developer since early 2021. This means that my tasks mainly involve the front end of the application: the look and feel and many functionalities that our clients use.
Payt 10 years logo
It's great to work with driven and experienced developers. We help each other, but we're also critical of each other's work and strive for the best end result - Samuel Esposito, Developer
The transition to developing Payt's debtor management software was a logical step, and I found an enthusiastic development team with a strong focus on the quality and maintainability of the software systems.
Offset your CO2 emissions with Payt: A green step forward!
At Payt, we believe in the responsibility we bear for our impact on the environment. We see the consequences of our negative contribution to the environment almost daily in the news. In a time where environmental awareness is becoming increasingly important, we make it possible to offset the CO2 impact of using our software. Curious about how you can make a green contribution? Then read on!