Duve achieves these certifications and ensures the highest level of security and privacy for its customers’ data
Duve, awarded best guest experience platform for hotels, became one of the first SaaS companies in hospitality to achieve the ISO 27001 & 27701 certifications. After undergoing penetration tests, employee training, internal audits and implementation of security tools, these certifications demonstrate Duve’s commitment to maintaining the highest levels of security and data protection for their customers and partners. The ISO 27001 & 27701 certifications guarantee peace of mind for Duve’s hoteliers and apartment hosts, assuring that sensitive information is protected.
What is ISO?
ISO is the International Organization for Standardization and is an independent, non-governmental, international organization that develops standards to ensure the quality, safety, and efficiency of products, services, and systems.
An ISO certification certifies that a particular system, process, service, or procedure has all the requirements for standardization and quality assurance. The International Standard organization develops the standards, in order to correctly certify businesses or organizations. Though, certifications are handled by a third-party and tested annually. Each certification has separate standards and criteria and is classified numerically.
How to maintain an ISO certification
Obtaining an ISO certification can be a difficult and tiring process, but in reality the hardest part is maintaining your ISO certification.
Maintaining an ISO certification means constantly monitoring and assessing QMS (quality management systems) to ensure that your company is in line with the level of standard. Along with making constant adjustments to aim for constant improvement.
Snapshot of ways to maintaining an ISO certification:
- Improving customer satisfaction
- Correctly training employees
- Collecting detailed company data
Why is it important?
International Organization for Standardization certification is important for companies to show quality, credibility and trust for consumers, clients, and partners. Today many businesses live in a global marketplace where customers require a standard of quality assurance, management, service, and procedures.
Why it is important in the Hospitality industry
Data protection is a crucial aspect of hotel management that can cause significant reputation damage and financial losses for hotels. A breach of data security can negatively impact overall business growth.
IBM’s Cost of a Data Breach Report noted the average cost of a data breach in hospitality reached $2.94 million in 2022.
In 2015 Hilton and 2016 Trump were hit with data breaches that resulted in theft by hackers gaining access to card information of various guests. This not only brought these companies a huge financial loss, but also made them lose credibility and a good reputation.
Another example can be seen by MGM Resorts in 2019, where information was stolen for about 10.6 million hotel guests. This information included names, addresses, phone numbers, and email addresses.
“We saw data breaches affecting many major hotel chains. In 2018, for example, Marriott announced that personal data of 500 million guests was compromised in a data breach. This breach had significant consequences for the company and its customers, including severe financial losses and reputation damages. With sensitive information flowing between multiple systems in a hotel’s tech-stack, overlooking the need for strong security controls is not an option for hoteliers looking to grow their business, as the impact of a data breach can take a company several years to fully recover from the damage to its reputation and customer trust.” – Jeremy Atlan, Chief Business Development Officer & Co-Founder at Duve
Shai Bar, Chief Technology Officer and Co-Founder at Duve adds:
“In recent years, the hospitality industry has been increasingly targeted by cybercriminals who seek to gain unauthorized access to sensitive information. These breaches have affected not only small hotels, but also large hotel chains, highlighting the need for robust security controls to protect guest data. As technology continues to play a critical role in hospitality, sensitive information such as guest personal details, identification documents, credit card information and more are being stored electronically. It’s crucial that hotels implement comprehensive data protection measures to safeguard this information. Achieving both ISO 27001 and ISO 27701 certifications is a significant milestone for us at Duve, demonstrating our commitment to maintaining the highest levels of security and data protection for our customers and integration partners. As a technology provider, it is crucial to have proper controls in place to protect sensitive information and guarantee peace of mind for our hoteliers or hosts and their guests personal information. This is an ongoing commitment and Duve will continue to invest in data protection through yearly external audits, to maintain the highest level of data protection for our customers.”
Duve is revolutionizing guest experience by offering a truly personalized guest experience suite. Duve helps hoteliers create a tailored and digital journey for each and every guest – from online check-in flows that meet the exact needs of each guest, to a web-based guest app with relevant content in the guests’ native language, to personalized upsells that increase revenue potential and satisfaction of each guest. By partnering with more than 150 integration partners, across all major PMS’s, OTA’s, PSP’s, Digital Key providers and 3rd-party vendors, Duve helps transform the way guest experience is provided at thousands of hotels of vacation rentals around the world. Visit our website at www.duve.com to learn more.
Duve is also committed to providing the highest level of security and data protection to always give customers and partners peace of mind. That’s why Duve is among the First SaaS companies in the Hospitality industry to achieve both ISO 27001 and ISO 27701 certifications. Duve ensures that sensitive information is always protected.