Thursday, November 18, 2010

ISPA Conference & Expo

Our team is back from a fun-filled few days at the 20th annual ISPA Conference & Expo in National Harbor, MD. The week was filled with great conversations and exciting new partnership opportunities with businesses and spas from all over the globe.

We made some great connections at ISPA and were very pleased to announce the expansion of the Booker platform through the creation of GramercyOne. Thankfully, there was still time to catch up with our current SpaBooker clients and hear about how our #1 online booking, CRM, POS and business management software has changed and improved their businesses.

ISPA was a huge success and the perfect way to close out an exciting year for SpaBooker. It was great to see everyone who stopped by the SpaBooker booth, we hope you had as much fun at the conference as we did. If you were unable to see us, or would like additional information about SpaBooker spa software, visit and we will be happy to arrange an online demonstration.

To see photos from the show please visit our Facebook page. Let us know what you think with a comment!


Wednesday, November 10, 2010

GramercyOne Launched to Grow Booker Platform

In the three short years since its inception, SpaBooker has evolved into the industry-leading software solution and is considered the SaaS provider of choice for spas globally. During the exciting growth of the platform and company we have delivered innovative products backed by great customer service. To maximize the platform’s potential and continue providing best-of-class service to our partners, we have created and launched GramercyOne. GramercyOne is the company under which our Booker platform will be developed and marketed. Today these products include SpaBooker, SalonBooker, FitnessBooker and OneBooker.

GramercyOne’s platform has already demonstrated significant success outside the spa industry and has been embraced by new audiences, including installations in medical, fitness, yoga, pilates and activity-focused businesses. In addition to growth across industries, the platform has been translated into nine languages and is in use in more than 30 countries around the world.

Our vision, as a company, is to help businesses achieve their potential through innovative, cloud-based technology solutions. We look forward to continue providing our partners with a market leading software platform that helps them to realize their potential.

If you have any questions about GramercyOne or any of the Booker products, please email them to

Thursday, November 4, 2010

Security - Take it Seriously

With thousands of clients worldwide processing hundreds of millions of dollars in transactions on a yearly basis, the security of our customers’ data is paramount to the service that GramercyOne / SpaBooker provides. Since security is such a critical part of any software solution, we thought we would take a minute to talk about four specific areas that any business should consider before choosing a system:
  • Data Security
  • Application Security
  • Network Security
  • Physical Security
Data Security
The security of your data is perhaps the most critical component of any system. Countless times we’ve seen this be the driving reason that a customer is considering new management software. Generally, and unfortunately, an owner will have had a hard drive or computer fail with all of their valuable customer data, and after experiencing that loss, they never want to experience it again.

Since our launch in 2007, SpaBooker has never experienced a data loss or data corruption incident. We ensure that this doesn’t happen by utilizing an n-tier system architecture. What this means is that we have multiple, redundant application servers, database nodes, and networking devices. All data is backed up nightly. Our policy is that we worry about redundancy and data backup so that our customers don’t have to.

Application Security
Due to the volume of transactions that flow across our platform, GramercyOne / SpaBooker is certified as a Payment Card Industry Data Security Standard (PCI-DSS) Level 1 audited organization. To attain this accreditation SpaBooker utilizes some of the most advanced technology available today for Internet security. For instance, when a user accesses our system using industry standard Secure Socket Layer (SSL) technology, our clients’ information is protected using both server authentication and data encryption, ensuring that their data is safe, secure, and available only to registered Users.

Additionally, SpaBooker utilizes triple factor authentication, which in plain English means that each user must enter an account name, unique user name and password each time they log in. SpaBooker does not use "cookies" to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data, encoded session IDs, and even accessing IP addresses.

Network Security
GramercyOne / SpaBooker utilizes a multi-layered network infrastructure including multiple firewalls, routers, and switches. All devices within our production environment are monitored in real time by intrusion detection systems (IDS), discrete logging appliances, and actual people, 24 hours a day, 365 days a year.

In addition, every device within our production environment is subjected to multiple internal and external penetration tests per month. And , to top it off, SpaBooker has third party security auditors – sometimes referred to as “white hat hackers” – perform full, on and offsite, security testing on a regular basis.

Physical Security
At GramercyOne our core competency is creating the best scheduling and business management software in the cloud, not running a data center. As such we host with Rackspace Hosting one of the best hosting providers on the planet. Rackspace is a PCI-DSS Level 1 and SAS70 certified provider that utilizes state of the art physical security precautions including:
  • Keycard protocols, biometric scanning protocols and round-the-clock interior and exterior surveillance monitor access to every one of Rackspace’s data centers.
  • Every data center employee undergoes multiple and thorough background security checks before they're hired.
  • Should a total utility power outage ever occur, all Rackspace data centers' power systems are designed to run uninterrupted, with every server receiving conditioned UPS (Uninterruptible Power Supply) that are N+1 redundant, with instantaneous failover if the primary UPS fails.
  • Every data center's HVAC (Heating Ventilation Air Conditioning) system is N+1 redundant. This ensures that a duplicate system immediately comes online should there be an HVAC system failure.

At GramercyOne we serve the service industry and we believe strongly that our partners should be able to use a system that allows them to spend more time with their customers, instead of worrying about their software. If you have any questions about this article or about our security policies and procedures, don’t hesitate to reach out to me at daniel.lizio-katzen (at)