Learn about security.
While keeping your shoes on.
Here's how we keep your data protected while you get where you need to be. No fluff, just facts.
Suspicious activity? Contact us.
All customer data stored in TripIt is located in a secure SAS70 Type II certified data center that uses multiple physical entry controls to ensure only those authorized and/or with data center responsibility are able to enter the facility.
No customer data is stored in any of our offices, or on any company or employee workstation.
We employ several features at the service level to keep TripIt secure and to ensure its availability. Some of these features include:
- Automatic logging of important events to closely monitor the health, performance and availability of the service, providing a better level of service to you.
- Alerts triggered by significant log events sent to appropriate personnel who respond accordingly.
- Log data does not contain sensitive personal information, and is protected from access by unauthorized personnel.
We understand that mobile devices are often lost and stolen. That’s why security protections have been built into our mobile apps including:
- Your sensitive personal information is encrypted on your mobile device.
- Access to your sensitive personal information is restricted by passcode.
We employ a structured software development life cycle (SDLC) when building and making changes and improvements to TripIt. Some of these security-related activities include:
- All changes are analyzed to ensure that security requirements are met.
- Software development personnel conduct code reviews to ensure that changes do not introduce security risks.
- We train our software developers on the techniques for writing secure code.
We also maintain a team of dedicated software security engineers who test the TripIt application to look for security vulnerabilities before changes or improvements are released to production.