At ITILITE, we're committed to protecting the privacy security, and availability of our products.
ITILITE is dedicated to continuously improving the security, technical and organizational measures to better protect the customer data and sensitive information shared with us. We are always evaluating industry standard practices regarding technical data privacy and information security & strive to meet or exceed those standards. Our security programs are comprehensive and dedicated to all facets of safety.
ITILITE holds the following trusted security certifications for which we are audited regularly.
ITILITE being a custodian of customers’ data, a Zero-Trust model of security architecture, robust product delivery, and a highly resilient service platform are the key tenets of its service delivery.
The multi-tiered data security model
End-to-end security integrated into the product lifecycle
Our system availability and performance at all times.
We understand the value of personal data. With our robust system of data safeguards, we allow you to focus on the data rather than on its security – So your data is protected first. Not last our secure cloud partners
Our network security architecture consists of multiple security zones. More sensitive systems, like database servers, are protected in our most trusted zones.
Anti-Malware solution and Spam protection applied based on latest threat signatures and threat intelligence ensuring end-user platform security.
AES 256 bit encryption with 1,024-bit key-strength for data at Rest and FIPS 140-2 compliant TLS encryption for data in transit.
Role-based access through an explicit need-to-know basis utilizes the least privilege & two-factor authentication and end-to-end audit trails ensuring access monitoring.
Information security and data privacy requirements are baked into every release cycle and form part of the blueprint considerations of the product.
Builds are put through stringent functionality tests, performance tests, stability tests, and Ux tests before the build is certified “Good to go”.
The product road-map is defined and reviewed periodically by the Product Owner. Security fixes are prioritized and are bundled in the earliest possible sprint.
All changes are tested by the Quality Assurance team and criteria are established for performing code reviews, web vulnerability assessment, and advanced security test practices.
Source Code is managed centrally with version controls and access restricted based on various teams that are assigned to specific sprints. Records are maintained for code changes and code check-ins and check-outs.
All components are deployed in ‘n+1’ mode across multiple availability zones configured in active-active mode behind a load balancing service.
Route users to the best endpoint based on geo-proximity, latency, health, and other considerations.
Near real-time backups taken across multiple availability zones in encrypted and access controlled containers.
Our Disaster Recovery (DR) program ensures that our services remain available and are easily recoverable in the case of a disaster. This is accomplished through building a robust technical environment, creating Disaster Recovery plans, and testing activities.
Itilite has a designated Data Protection Officer and a Grievance Redressal Office. If you have any questions on data privacy or process integrity, like which data is collected from you and how your data will be used, you can write to dpo@itilite.com. Depending on the nature of your query, you can expect a response within 7 to 21 business days.
Please refer to our Cookie Declaration and Privacy Policy to know more.
BUSINESS TRAVEL
EXPENSE MANAGEMENT
VIRTUAL T&E CONSULTANT
TRAVELER SAFETY
MARKETPLACE
FOR FINANCE TEAMS
FOR TRAVEL MANAGERS
FOR EMPLOYEES
BLOG
CASE STUDIES
FREE TOOLS
WEBINARS
WHAT'S NEW
FAQ
ABOUT US
CAREERS
CONTACT US
REFERRAL PROGRAM
NEWSROOM