Companies trust us because of our continual commitment to protecting their data.
- Data Encryption at rest
- Data Encryption during transit
- Frequent vulnerability scanning
- Penetration testing bi-annually
- Bug bounty program
- Advanced threat detection via AWS GuardDuty
- SAML based SSO support
- And more...
Our security measures go far beyond securing just our applications. We have a variety of security measures in place across the company - built with best practice in mind, and customized to TravelPerk's environment.
We have a dedicated security team focused on keeping our business and clients protected. In addition to investing in specialist training, we're also a corporate member of the Chartered Institute of Information Security (CIIS) to ensure our team are continually developing their skills and knowledge.
We maintain a variety of policies including an Information Security Policy as part of our Information Security Management System (ISMS).
We are currently working towards our ISO 27001 certification and are implementing best practices across the company.
Our infrastructure is hosted by AWS who hold ISO 27001 and SOC 2, and payments are managed via Stripe, who hold PCI DSS Level 1.
Employee Awareness Scheme
We believe in modifying behaviors for the better, not just ticking a compliance box with annual online training. Which is why we provide in-house designed, role specific training to all employees, new joiners and relevant contractors.
We also make use of phishing simulations, custom awareness posters, Capture the Flag style events, and more.
We implement role-based access control at TravelPerk. This means that only a limited number of our staff have access to your data, based on their job role.
Both our application and support services have a variety of measures in place to ensure we can deliver a high availability service.
Third Party Vendors
We perform a thorough security audit and subsequent risk assessment on all vendors that will host confidential business or client data. We also use continuous security monitoring to keep track of our vendors.
As you'd expect, we have a wide range of technical security measures in place, from advanced Endpoint Detection & Response (EDR), through to cloud security and monitoring.
Our offices are all protected with a variety of measures, including 24/7 security guards and CCTV.
Data Protection & GDPR
We have a thorough compliance program in place. Please see an overview of our data protection measures here.
We've put together this comprehensive security whitepaper to give you a deeper understanding of how we do information security and data protection at TravelPerk. You can download it here!
Still got questions?
No problem! Please submit your queries to your TravelPerk sales representative and we can support you with additional documentation available under NDA, as well as access to our UpGuard shared profile.