By transitioning payments transactions to an integrated, cloud payment system, businesses can enable their customers with convenient payment options while saving significant time and money. A recent American Express study on cloud-based payment systems showed a large majority of mid-market companies (95%) agree that transitioning a company’s payment transactions to the cloud is an affordable and necessary option as technology becomes more advanced.
It seems that “the cloud” is everywhere these days. It’s finding its way into virtually every aspect of our business and consumer lives. Businesses large, small and every size in between, are being inundated with offers to move pieces of their business to “the cloud.”
Simply put, and as you may already be well aware, cloud computing leverages groups of remote servers and software networks to deliver centralized data storage and online access to computer services or resources. Another way to think of it is similar to a utility model where the sharing of resources (servers and networks as opposed to electricity or gas) helps achieve computing coherence and economies of scale.
Perhaps the greatest benefit the cloud delivers businesses is the ability to focus on core competencies and delivering their customers with the highest quality products and services, rather than IT infrastructure. From a cost perspective, the cloud allows businesses to avoid traditional upfront CAPEX costs and instead transition to an OPEX, “pay as you go” model.
Another notable benefit of transitioning to the cloud is increased redundancy. Businesses should actively seek cloud payment providers that offer fully redundant production and testing environments with no single point of failure. This means that should your main production or testing environment go down, you can fail-over to a mirrored back up environment in near-real time. Not only does the cloud significantly decrease downtime, but it also minimizes—if not completely eliminates—costs that would have gone towards the hardware, software, rent and human capital required to manage physical secondary production and testing environments.
Cloud-based, integrated payment processing seamlessly integrates payment processing features with businesses’ existing accounting and back-office systems. By integrating in real-time with the accounting system, businesses can clear and post their payments in a single pass. With streamlined, automated processing, businesses are also able to access funds quickly, improving cash flow and increasing their bottom line.
Advanced, integrated cloud-based payment systems provide the ability for the business to handle checks (via remote deposit capture), credit cards, ACH, and cash – automatically posting all processed payments to their bank and corporate A/R system via a single, PCI-compliant, cloud-based system. Additionally, some systems offer bank-agnostic, “plug and play” capabilities that allow the system to easily integrate with any financial institution, payment gateway, CRM system or back-office accounting solution.
Despite the significant maturity that is taking place within the security technology landscape, data security—or perhaps more specifically, skepticism surrounding data security—remains one of the primary objections for businesses considering the move to the cloud.
According to a 2014 Trustwave Global Security Report, the primary data type targeted by attackers is cardholder data. There is a well-established underground marketplace for stolen payment card data, which is bought and sold quickly for use in fraudulent transactions. One benefit of cloud-based processing is that card and payment data can be encrypted (and tokenized as necessary) when it’s stored or processed on cloud platforms. What’s more, when leveraging cloud-based payment systems, no payment data is stored locally on the device—greatly reducing the risk of this sensitive data falling into the wrong hands.
For those organizations with limited in-house IT resources, the added benefit of an outsourced payment processing partner with expertise in payment security can help ease the stress of security and compliance checks and balance and allow you to focus on your core business.
Businesses should look for payment partners that meet the appropriate levels of PCI DSS security standards and utilize end-to-end encryption to securely operate, manage and control the payment data components from the host operating system and virtualization layer, all the way down to the physical security of the facilities where payments are being accepted and/or monitored. Businesses can confirm their cloud provider complies with those PCI compliance requirements by obtaining the providers’ Attestations of Compliance and audit reports. These reports should be taking place on an annual basis and be readily available upon request.
Anyone familiar with cyber security is well aware that the bad guys have an excess of time and resources on their side, and are becoming more skilled each day. However, cloud payment safety concerns can be assuaged with some due diligence from the business.
FireHost CEO, Jim Lewandowski advises, “To adequately protect against outside threats, you must implement multi-layered security controls to go above and beyond the baseline requirements of your regulatory organization.” For companies looking to securely process payments in the cloud, this means ensuring that not only the payment platform or application layer itself is compliant in key areas such as PCI DSS and HIPAA, but to also seek partners who can bring best practices, expertise and proactive security processes at the data center and hosting layer as well.
With a trusted provider, the benefits of cloud-based payment processing are numerous and can have a significant, positive impact to both your customer experience and your bottom line. As with all things in business, in order to be successful, you must find the right balance of technology, people and processes to align with your strategic objectives. Moving your payment processing to the cloud is no exception to this principal.
Originally published January 14, 2015.