comes first
Your security
comes first
Companies trust us because of our continual commitment to protecting their data.
Application Security
- Data Encryption at rest
- Data Encryption during transit
- Frequent vulnerability scanning
- Penetration testing bi-annually
- Bug bounty program
- Advanced threat detection via AWS GuardDuty
- SAML based SSO support
- And more...
Organizational Security
Our security measures go far beyond securing just our applications. We have a variety of security measures in place across the company - built with best practice in mind, and customized to TravelPerk's environment.
Team
We have a dedicated security team focused on keeping our business and clients protected. In addition to investing in specialist training, we're also a corporate member of the Chartered Institute of Information Security (CIIS) to ensure our team are continually developing their skills and knowledge.
Security Policies & Best Practice
We maintain a number of policies including an Information Security Policy as part of our Information Security Management System ISMS. These policies are aligned with recognised global best practices in information security such as ISO 27001, SOC Type 2 and cyber essentials and provide strategic direction to maintaining our ISMS.
Data Centre Security
Our service is hosted in AWS data center in Ireland. AWS is ISO 27001 and SOC2 certified, extremely high availability and built/maintained with resilience, continuity and disaster recovery in mind.
Employee Awareness Scheme
We believe in modifying behaviors for the better, not just ticking a compliance box with annual online training. Which is why we provide in-house designed, role specific training to all employees, new joiners and relevant contractors.
We also make use of phishing simulations, custom awareness posters, Capture the Flag style events, and more.
Access control
We implement role-based access control at TravelPerk. This means that only a limited number of our staff have access to your data, based on their job role.
Business continuity
Both our application and support services have a variety of measures in place to ensure we can deliver a high availability service.
Third Party Vendors
We perform a thorough security audit and subsequent risk assessment on all vendors that will host confidential business or client data. We also use continuous security monitoring to keep track of our vendors.
Technical Security
As you'd expect, we have a wide range of technical security measures in place, from advanced Endpoint Detection & Response (EDR), through to cloud security and monitoring.
Physical security
Our offices are all protected with a variety of measures, including 24/7 security guards and CCTV.
Data Protection & GDPR
We have a thorough compliance program in place. Please see an overview of our data protection measures here.
Security Whitepaper
We've put together this comprehensive security whitepaper to give you a deeper understanding of how we do information security and data protection at TravelPerk. You can download it here!
Certifications
We currently hold the following certifications:
Still got questions?
No problem. Check our TravelPerk Security and Privacy Trust Center or please submit your queries to your TravelPerk sales representative and we can support you with additional documentation available under NDA.