Features
Modules
Teams
Solutions
Pre-Arrival UpsellsThird-Party AuthorizationsCashless TippingGap Night ExtensionContactless Check-In
At Akia, we take security seriously. We map our security program to industry standards such as ISO 27001 and the CIS Critical Security Controls. Not only are we looking for ways to improve the security of our product, but also with how we conduct our daily business.
Using tools and regular testing procedures, we ensure that every employee is compliant with our security policies and that they understand the role they play in securing Akia.
Akia is hosted in Google Cloud Platform. These Tier 1 Distributed data centers are ISO27001, ISO27017, ISO27018, SOC1/2/3, PCIDSS, and CSA STAR compliant.
While we believe that security is everyone's responsibility, our program is led by our Chief Technology Officer.
Our payment processor, Stripe is a certified Level 1 Service Provider. Akia never has access to raw payment details.
Akia is TCPA compliant.
Akia is GDPR compliant.
Employees are required to use SSO for all business critical systems and two-factor authentication is enforced wherever possible.
All employee laptops are managed, have encrypted hard drives and are monitored with antivirus software. Lost or stolen equipment are immediately locked and remotely wiped.
The internal network is restricted, segmented and password protected.
As part of our commitment to ensure that every member of our team understands the role they play when it comes to security, we provide ongoing security training throughout the year.
At Akia, we take security seriously. We map our security program to industry standards such as ISO 27001 and the CIS Critical Security Controls. Not only are we looking for ways to improve the security of our product, but also with how we conduct our daily business.
Using tools and regular testing procedures, we ensure that every employee is compliant with our security policies and that they understand the role they play in securing Akia.
Akia stores the following customer data in its cloud:
Data captured or collected within the Akia platform is never sold to third parties.
SSL Encryption is used throughout Akia to protect PII and non-public data from unauthorized access.
All communication between Akia users and the Akia-provided applications are encrypted-in-transit while using the application.
All databases and database backups are encrypted at rest.
Customers can request all of their data, or have it deleted by sending an email to: help@akia.com as long as it is not subject to a legal hold or investigation.
Once an account is deleted, all associated data, conversations are removed from the system. This action is irreversible.
Customer data is limited to only those with roles that require access to perform their job duties. An example of this is our Support team.
At Akia, we use 3rd party services to help with analytics, payments, sending transactional emails and for hosting our service. All 3rd party services undergo a due diligence check to ensure your data stays secure. The data provided to these services is limited to the minimum required to perform their processing duties.
Our backend infrastructure is hosted in GCP and is fully monitored to detect any downtime.
Akia conducts 3rd party penetration tests at least quarterly. In addition to regular pen-testing, we also use scanning tools to monitor and detect vulnerabilities.
If you believe you have discovered a vulnerability within Akia's application, please submit a report to us by emailing security@akia.com.
If you believe your account has been compromised or you are seeing suspicious activity on your account please report it to security@akia.com.