What cyber security means at Elyndara
Cyber Security
Cyber security at Elyndara is the practical protection of systems, accounts, devices, and data that support guest journeys, internal operations, commercial relationships, and employer credibility.
Governance & Culture
Cyber Security
Protecting guest, employee, and business information through disciplined digital practice.
Quick summary
Elyndara expects secure handling of guest data, careful system access, phishing awareness, responsible vendor behavior, and prompt reporting of cyber incidents or suspected compromise.
Data Protection
Guest, employee, and commercial information should be handled on a need-to-know basis.
Elyndara may hold itinerary detail, contact data, payment-related coordination, commercial terms, and internal records that require careful handling. Access should be limited, purposeful, and consistent with lawful and professional expectations.
- Sensitive information should not be shared through casual or unsecured channels.
- Stored and transmitted data should be handled with appropriate caution and control.
- Team members should avoid retaining information they no longer need for legitimate work.
Access and Authentication
System access should be controlled, individual, and professionally managed.
Accounts, passwords, and permissions are part of operational security. Elyndara expects strong password discipline, appropriate access levels, and prompt removal or review of access where role changes or security concerns arise.
- Shared credentials and informal access practices should be avoided.
- Devices used for company work should be protected and updated appropriately.
- Access rights should reflect actual business need rather than convenience.
Phishing and User Risk
Many cyber incidents begin with ordinary-looking messages or requests.
Employees and partners should exercise care with emails, attachments, links, login prompts, and unexpected requests involving payment, credentials, or sensitive information. Urgency and familiarity should not replace verification.
- Question unexpected payment changes, login prompts, or confidential data requests.
- Report suspicious messages rather than interacting with them casually.
- Verification should happen through trusted channels when something feels inconsistent.
Third-Party and Vendor Risk
Cyber security expectations extend to relevant suppliers and platforms.
Because Elyndara works with external systems and partners, cyber risk can arise through vendors as well as internal users. Digital partners should be selected and managed with reasonable regard for confidentiality, access control, and service reliability.
- Vendors handling sensitive data should demonstrate credible security practice.
- Unnecessary data sharing with third parties should be avoided.
- Third-party incidents affecting Elyndara information should be escalated without delay.
Incident Reporting
Early reporting helps contain damage and restore trust faster.
Suspected account compromise, data leakage, phishing, malware, lost devices, or unauthorized access should be reported quickly so containment, review, and corrective steps can begin. Silence increases both operational and reputational risk.
- Report suspected incidents even if full details are not yet known.
- Do not attempt to conceal mistakes that may affect security exposure.
- Containment, documentation, and follow-up should be handled in an organized way.
Related Pages
Connected policies and career information
These pages work together to explain Elyndara's workplace philosophy, governance standards, and what candidates can expect from the employer brand.
Safety & Security
Elyndara treats safety and security as a practical operating responsibility covering guest wellbeing, team conduct, supplier readiness, incident escalation, and informed decision-making across destinations.
Code of Conduct
The Elyndara Code of Conduct sets expectations for integrity, confidentiality, respectful workplace behavior, responsible use of resources, conflict management, and legal compliance.
Careers at Elyndara
Explore open roles and employer information across travel design, operations, guest experience, sales, partnerships, and content.
Policy FAQ
Questions employees and candidates may ask
These answers are written in plain language to support both search visibility and quick understanding.
It focuses on protecting guest and business data, controlling system access, reducing phishing risk, managing vendor exposure, and reporting cyber incidents promptly.
Because travel businesses handle sensitive itinerary, identity, and commercial information, weak cyber practice can quickly affect privacy, trust, and operational continuity.
They should report it immediately through the appropriate internal channel so the issue can be contained, reviewed, and managed responsibly.
Careers and Contact
Explore careers at Elyndara or speak with us if you need clarification.
Governance and culture pages matter most when they are visible, understandable, and connected to the way an employer actually hires and works.