Data & System Security

Those Who Know, Use BDO

We engaged BDO USA, an international accounting firm, to conduct a data and system security audit and to evaluate our systems for meeting SOC 2 criteria.

Industry Best Practices

We committed to a significant effort to adopt industry best practices regarding our systems and storage of airport data.

Annual Audits are De Rigueur

Our annual SOC 2 audit is done by an outside firm to provide assurance to customers that our internal security systems, policies, procedures and documentation are adequate and up to date.

Banner text graphics1
spy

Protection from Cyber-Crimes

Rapidly growing reports of cyber-crimes means that the security of systems and data handled by companies like GateKeeper are under attack. We take this very seriously. We’ve undergone an extensive audit and taken corrective actions to protect customers’ systems and data.

encrypted-data

An Ongoing Commitment

Customers can expect us to get a 3rd party objective, external and professional annual review of our systems. And they can expect us to implement the recommendations to keep data and systems safe.

cyber-security

Complete Security Transparency

At the conclusion of each annual audit, we’ll provide a copy of the report and its findings as well as recommendations for improvement to all our customers and to prospective customers.

We Follow the Experts

System and Organization Controls (SOC)2 is a comprehensive reporting framework put forth by the American Institute of Certified Public Accountants (AICPA) in which independent, third-party auditors (i.e., CPAs) conduct an assessment and subsequent testing of controls relating to the Trust Services Criteria (TSC) of Security, Availability, Processing Integrity, Confidentiality or Privacy.

System and Organization Control (SOC) reports were introduced in 2011 to address a growing number of system and data security issues. A set of specific criteria has been adopted by the financial community that are used to measure an organization’s compliance with the best-practices that have been developed.

 

GateKeeper has received and maintains an unqualified opinion.

For companies that demonstrate adherence to the Trust Services Criteria, auditors issue an unqualified opinion, which means that no significant exceptions were found during an audit.

 

More Detail on Trust Services Criteria

Security

Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to system that could compromise the availability, integrity, confidentiality, and privacy of information or system and affect the entity’s ability to meet its objectives.

Availability

Information and systems are available for operation and use to meet the entity’s objectives

Processing integrity

System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives

Confidentiality

Information designated as confidential is protected to meet the entity’s objectives

Privacy

Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.

 

Contact us today for more information or to set-up a demo!

 
Contact Us