Harnessing Advanced Security Capabilities in an Evolving World

The fintech industry has seen a wide range of new technological innovations, changes, and threats over the past few years. Finance Magnates spoke with Yuri Hefetz, CEO of Easy Technologies for his in-depth perspective on an evolving industry and his companys role within it.

You are no stranger to the fintech industry, can you tell me about your experience and some background about Easy Tech？

Coming from the world of financial services, I saw there was a lack of personalization amongst technology providers within the Fintech industry. As such, I established Easy Technologies, or Easy Tech for short - a technology provider that emphasizes not only a strong understanding of Fintech businesses, but also increased customized approaches and targeted communication.

Easy Tech prides itself on adopting a customized approach when offering our complete turnkey solution for brokerages. With a dedicated in-house CRM, trading platforms, and more, we present our product and services to potential and existing clients as though we are business partners.

This ideology adds an additional vested interest for us, which drives us to constantly optimize our solutions and seek improvements in an ever changing and developing industry.

Data security and privacy is paramount. Why is this so, especially within the Fintech sector？ What are some common cyber-attack surfaces that Fintech companies face？

Financial service providers deal with sensitive information such as client personal details, addresses, and payment information like credit card numbers and banking details. As such, they have an obligation to protect their clients' data, which is many times considered the most valuable part of their business.

Today, the industry is facing huge spikes in attacks like brute force, DDoS, and SQL injection. Therefore, we must be proactive in anticipating cyberattacks and employing adequate measures to prevent them.

As a SaaS B2B company, what are some of Easy Tech‘s security protocols？ How does Easy Tech protect its platform and client’s data？

Easy Tech uses the newest and the most advanced technologies to secure its clients data and to make our clients feel safe.

We combine multiple security controls to monitor, detect, and combat cyberattacks. Namely, we employ a multi-layered security structure, that ensures if one protection fails, other defenses will still protect and operate smoothly, thereby reducing attack surfaces.

Additionally, in order to keep our clients data safe, we encrypt all traffic, data, and disks with SSL, WAF, and 2FA encryptions.

How long does Easy Tech keep data？ Does it have data retention schedules in place, in line with legal and regulatory compliance？

As Easy Tech is fully GDPR compliant, the storage of our client's data is carried out in accordance with their policies. As part of its data subject right of access (GDPR Article 15), we perform cold backups every day and operational backups by replication to another data center.

This is to ensure that clients can obtain or even reinstate (closed their account but wish to reopen) their history with us. All such data information retention and backup retention policies are stored according to our terms of service and detailed further within each individual client agreement.

What mechanisms does Easy Tech employ to delete or destroy data if requested to do so？

According to GDPR Article 17 or right to erasure, we comply by storing our data in encrypted forms. Doing so allows us to prevent fully recovery of data, as even if some data surfaces it is only a partial picture and does not provide consistent data. Additionally, all information clusters are overwritten.

Has Easy Tech set up appropriate incident management procedures to handle a security incident？

For handling security incidents, we have log monitoring and our own developed detection system. It allows us to react immediately and solve any incident in the shortest time period possible, thereby ensuring complete data security for our users.

Did Easy Tech ever have any security issues, and if yes, how did the company combat them？

As the hacking industry evolves all the time, incidents happen.

In many cases, breaches in security originate due to gaps on the client end. As such, we advise our clients on how to best secure their systems.

Additionally, we implement the current best security practices on our end to prevent potential breaches, constantly search and strive for updated and new security protocols, and even engage third parties to assist us in continuously auditing the security of our systems.

What data security feature(s) separate Easy Tech from its competitors？

Possibly the main security feature that is unique, is that we actively isolate every single client's data from our own and each other‘s system by hosting them on different instances. Additionally, each instance is a separate system that does not transfer any data to outside services. Doing this reduces our and our client’s cyberattack surfaces by limiting the avenues of entry.

Does the company plan on adopting new security features, and if yes, which ones, and why？

Similarly, to Apple, we have built a complete in-house and closed system. By not relying on outside solutions and providers for our own network, we thereby reduce the number of access points to our platforms. Doing all this makes it more difficult for attackers to penetrate our systems.

In addition, we monitor innovations in security all the time and if we consider a particular solution can improve our system, we will then implement it.

Where does the company see itself in a few years from now, both security wise and generally？

Our company strives to improve and move forward. Naturally, we see ourselves in the future as a leader in balancing protection and performance of our product. Furthermore, we constantly listen to our clientele through our excellent support staff and adapt our services, offerings, and product to fit their business requirements.