Case Study

iZettle Tackles Compliance Requirements, Improves Product Delivery

Executive Summary

iZettle is an international mobile payments company founded in Sweden in 2010 that enables merchants to quickly and easily accept consumer card payments through an app and accompanying chip card reader. To ensure compliance with the payment card industry data security standard (PCI-DSS), iZettle adopted Splunk Enterprise as its centralized platform for security events, and to improve application delivery. Since deploying the Splunk platform, the company has seen benefits including:

  • Enhanced ability to meet current and future compliance requirements
  • Improved insider threat detection capabilities
  • Greater insight into the full product delivery lifecycle
    • Required a centralized logging solution for all security-related events to maintain PCI-DSS compliance
    • Rapid business growth meant security could no longer be maintained purely with manual processes
    • Lack of insights into the performance of new code when put into production was impacting the speed of new releases
Business Impact
    • Deploying Splunk Enterprise ensured iZettle was PCI compliant within five weeks
    • Enhanced threat detection capabilities with alerts created to monitor irregular access to sensitive files
    • Improved customer experience due to greater insight over product updates
Data Sources
    • Web servers
    • E-commerce applications
    • Middleware logs
    • On-premises servers
    • Database logs
    • Perimeter firewalls

Why Splunk

iZettle is a fast growing and disruptive technology company that operates in a highly regulated market. One key compliance obligation is PCI-DSS, a compulsory industry regulation that requires 90 days of online log retention and one year of log archiving for any organization that handles credit cards. iZettle initially reviewed the open-source options available for a centralized logging solution for security events. However, it quickly became clear that the Splunk platform would provide faster time to value than the alternatives. iZettle was able to demonstrate its improved capabilities to auditors within five weeks of downloading and installing Splunk Enterprise. Once iZettle began using the Splunk platform for compliance purposes, it quickly recognized that the same data could offer value across both product development and wider security uses cases, further enhancing the overall value it received.

Automated compliance capability enables focus on innovation

In order to focus on delivering innovation rather than spending excess time ensuring compliance requirements are met, iZettle has automated searches across its infrastructure. Should there be suspicious activity such as third party service connection issues to irregular activity in its Java environment, the security team is immediately alerted via email or SMS and can investigate further. The automation of searches also enables iZettle to demonstrate quickly and easily to auditors that it has a comprehensive overview of all security events. Despite rapid growth at iZettle, the Splunk platform has ensured that it remains compliant with PCI-DSS and can adapt to future regulatory changes.

Security posture enhanced with comprehensive monitoring and alerts

Greater insight into events occurring across iZettle’s infrastructure has improved its ability to detect potential insider threats. Through Splunk Enterprise, iZettle can monitor the integrity of sensitive files stored across different servers. Any unauthorized access by an employee who doesn’t have prior authorization generates a notification. This triggers the responsible team to carry out a closer inspection, ensuring that iZettle is providing another layer of data protection against potential threats regardless of their source.

Customer experience enhanced with product development insights

In addition to using the Splunk platform for security and compliance, iZettle also puts all product updates through a test environment, which it monitors with Splunk Enterprise. This enables the company to track the behavior of code in production and monitor the impact of an update on subsystems. If a new feature is causing an element of the application or service to slow, iZettle is able to spot the root cause quickly and correct it. This rigorous testing of any product or service update before it is put into general production ensures customer experience is constantly improved and means that new releases can be put into the field quicker.

“As iZettle has grown over the past four years, so has our use of Splunk Enterprise,” says Johannes Löfgren, head of DevOps and Infrastructure at iZettle. “It has become integral to the business not just for compliance, but ensuring that customers have a positive and secure experience using our services.”

“As iZettle has grown over the past four years, so has our use of Splunk Enterprise. It has become integral to the business not just for compliance, but ensuring that customers have a positive and secure experience using our services.”

Johannes Löfgren
Head of DevOps & Infrastructure