comes first
Your security
comes first
Companies trust us because of our continual commitment to protecting their data.
Application Security
- Data Encryption at rest
- Data Encryption during transit
- Frequent vulnerability scanning
- Penetration testing bi-annually
- Bug bounty program
- Advanced threat detection via AWS GuardDuty
- SAML based SSO support
- And more...
Organizational Security
Our security measures go far beyond securing just our applications. We have a variety of security measures in place across the company - built with best practice in mind, and customized to TravelPerk's environment.
Team
We have a dedicated security team focused on keeping our business and clients protected. In addition to investing in specialist training, we're also a corporate member of the Chartered Institute of Information Security (CIIS) to ensure our team are continually developing their skills and knowledge.
Policies
We maintain a variety of policies including an Information Security Policy as part of our Information Security Management System ISMS.
Certifications
We are currently working towards our ISO 27001 certification and are implementing best practices across the company.
Our infrastructure is hosted by AWS who hold ISO 27001 and SOC 2, and payments are managed via Stripe, who hold PCI DSS Level 1.
Employee Awareness Scheme
We believe in modifying behaviors for the better, not just ticking a compliance box with annual online training. Which is why we provide in-house designed, role specific training to all employees, new joiners and relevant contractors.
We also make use of phishing simulations, custom awareness posters, Capture the Flag style events, and more.
Access control
We implement role-based access control at TravelPerk. This means that only a limited number of our staff have access to your data, based on their job role.
Business continuity
Both our application and support services have a variety of measures in place to ensure we can deliver a high availability service.
Third Party Vendors
We perform a thorough security audit and subsequent risk assessment on all vendors that will host confidential business or client data. We also use continuous security monitoring to keep track of our vendors.
Technical Security
As you'd expect, we have a wide range of technical security measures in place, from advanced Endpoint Detection & Response (EDR), through to cloud security and monitoring.
Physical security
Our offices are all protected with a variety of measures, including 24/7 security guards and CCTV.
Data Protection & GDPR
We have a thorough compliance program in place. Please see an overview of our data protection measures here.
Security Whitepaper
We've put together this comprehensive security whitepaper to give you a deeper understanding of how we do information security and data protection at TravelPerk. You can download it here!
Still got questions?
No problem! Please submit your queries to your TravelPerk sales representative and we can support you with additional documentation available under NDA.