Data & System Security
Those Who Know, Use BDO
We engaged BDO USA, an international accounting firm, to conduct a data and system security audit and to evaluate our systems for meeting SOC 2 criteria.
Industry Best Practices
We committed to a significant effort to adopt industry best practices regarding our systems and storage of airport data.
Annual Audits are De Rigueur
Our annual SOC 2 audit is done by an outside firm to provide assurance to customers that our internal security systems, policies, procedures and documentation are adequate and up to date.
Protection from Cyber-Crimes
Rapidly growing reports of cyber-crimes means that the security of systems and data handled by companies like GateKeeper are under attack. We take this very seriously. We’ve undergone an extensive audit and taken corrective actions to protect customers’ systems and data.
An Ongoing Commitment
Customers can expect us to get a 3rd party objective, external and professional annual review of our systems. And they can expect us to implement the recommendations to keep data and systems safe.
Complete Security Transparency
At the conclusion of each annual audit, we’ll provide a copy of the report and its findings as well as recommendations for improvement to all our customers and to prospective customers.
We Follow the Experts
System and Organization Controls (SOC)2
is a comprehensive reporting framework put forth by the
American Institute of Certified Public Accountants (AICPA)
in which independent, third-party auditors (i.e., CPAs) conduct an assessment and subsequent testing of controls relating to the Trust Services Criteria (TSC) of Security, Availability, Processing Integrity, Confidentiality or Privacy.
System and Organization Control (SOC) reports were introduced in 2011 to address a growing number of system and data security issues. A set of specific criteria has been adopted by the financial community that are used to measure an organization’s compliance with the best-practices that have been developed.
GateKeeper has received and maintains an unqualified opinion.
For companies that demonstrate adherence to the Trust Services Criteria, auditors issue an unqualified opinion, which means that no significant exceptions were found during an audit.
More Detail on Trust Services Criteria
Information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to system that could compromise the availability, integrity, confidentiality, and privacy of information or system and affect the entity’s ability to meet its objectives.
Information and systems are available for operation and use to meet the entity’s objectives
System processing is complete, valid, accurate, timely, and authorized to meet the entity’s objectives
Information designated as confidential is protected to meet the entity’s objectives
Personal information is collected, used, retained, disclosed, and disposed of to meet the entity’s objectives.