Security at Gatekeeper

Your data security is our top priority. We employ industry-leading practices to protect your organization and visitor information.

Security Features

Comprehensive security measures built into every layer

Encryption: All data is encrypted using AES-256 at rest and TLS 1.3 in transit.
Infrastructure: Hosted on SOC 2 compliant cloud infrastructure with 99.99% uptime SLA.
Access Controls: Role-based access control (RBAC) with granular permissions and audit logging.
Compliance: SOC 2 Type II certified with GDPR and CCPA compliance support.
Authentication: Support for SSO (SAML 2.0, OAuth), MFA, and password policies.
Security Testing: Regular penetration testing and vulnerability assessments by third parties.

Data Protection

Encryption Standards

All customer data is encrypted at rest using AES-256 encryption. Data in transit is protected using TLS 1.3 with strong cipher suites. Database backups are also encrypted and stored in geographically separate locations.

Data Isolation

Each customer's data is logically isolated using unique encryption keys and database-level separation. No customer can access another customer's data under any circumstances.

Data Retention

You control how long visitor data is retained. Configure automatic deletion policies to comply with your organization's requirements. All data can be exported at any time in standard formats.

Backup and Recovery

Automated daily backups with point-in-time recovery capability. Backups are stored across multiple availability zones with 99.999999999% durability.

Compliance & Certifications

Meeting the highest industry standards for data protection

SOC 2 Type II: Annual audit of security, availability, and confidentiality controls
GDPR Compliant: Full compliance with EU data protection regulations
CCPA Compliant: Compliance with California Consumer Privacy Act
HIPAA Ready: BAA available for healthcare organizations (Enterprise)

Infrastructure Security

Cloud Infrastructure

Gatekeeper runs on enterprise-grade cloud infrastructure with SOC 2, ISO 27001, and FedRAMP certifications. Our infrastructure spans multiple availability zones for high availability and disaster recovery.

Network Security

Multiple layers of network security including firewalls, intrusion detection, DDoS protection, and network segmentation. All administrative access requires VPN and multi-factor authentication.

Monitoring and Logging

24/7 security monitoring with automated alerting for suspicious activity. Comprehensive audit logs for all system access and changes. Log data is retained for a minimum of one year.

Our Security Practices

Secure Development

Our development team follows secure coding practices including code reviews, static analysis, and dependency scanning. All code changes are tested in isolated environments before deployment.

Vulnerability Management

Regular vulnerability scanning and annual penetration testing by independent security firms. Critical vulnerabilities are addressed within 24 hours.

Incident Response

Documented incident response procedures with defined escalation paths. Customers are notified of any security incidents affecting their data within 72 hours as required by GDPR.

Employee Security

Background checks for all employees with access to customer data. Security awareness training conducted quarterly. Access granted on a need-to-know basis with regular access reviews.

Security Questions?

Our security team is available to answer questions and provide additional documentation.