Industry News

Inntopia receives ISO 27001 security certification, among first in hospitality

18 months after starting process, Inntopia wins data-security approval

If there’s anything the last few years have taught the travel industry, it’s that there is definitely “such thing” as bad press. Actual headlines like these – from just the last 18 months alone – are becoming all too common:

Travel Industry Continues to Be Plagued by Data Breaches

Travel Site Breach Impacts 1.4 Million

Exposed Database Left Terabyte of Travelers’ Data Open to Public

Here’s the thing, Inntopia has taken security extremely seriously since day one. The only problem? We could say so until we were blue in the face, but it’s been tough to prove it. We didn’t have a tangible way to show our partners how much we care about the security of their data and that of their guests.

Well, now we do.

Njama Braasch, director of security and compliance at Inntopia, holds the certification with Trevor Crist, Inntopia’s CEO, in the company's office in Burlington, Vt.

ISO 27001 Certification
In its official wording, ISO 27001 is a globally recognized standard for the establishment, maintenance, and certification of an information security management system. In layman’s terms, it’s proof that a company doesn’t just talk the talk with security, but walks the walk at a very high level.

A level where the majority of names you see are Fortune 500 brands.

We wanted to show, in no uncertain terms, where we stood on this. So in September of 2018, our Director of Security and Compliance, Njama Braasch, started the certification process.

To be clear, this is an all-in effort. In total there are 11 charters and 114 controls that are part of the certification process. A business must implement each of these controls to satisfy the standard. As we expected, our existing security measures already covered many of these requirements. However, we also identified a few gaps, which we carefully and thoughtfully addressed as a team.

Inntopia is Now Officially Certified
Today, 18 months later, we’re excited to announce that Inntopia is ISO 27001 certified.

While it’s fun to celebrate this milestone, Njama made a great point about what this truly means when I talked to him last week:

“The cool thing about ISO 27001 is that, unlike some security accreditation, it’s not just about the tech. This is about the way Inntopia, our employees and infrastructure, are operating safely and securely as well. It becomes a re-assurance, backed by a verified third-party audit, that ‘We’ve got your back.’”
I’ve talked about how our customer-focused mindset means that we invest more in support than other companies, and this certification is yet another example of that investment.

· We’ve hired the right people.
· We’ve put in the time.
· We’ve checked every box.
· We’ve made all the necessary changes.
Now, we’re proud to say that our investment in security isn’t just a bullet point in a sales deck, but truly a part of our company’s DNA.

And we can prove it.

Gregg Blanchard, VP Marketing