SendBird is proud to announce that we have been granted the ISO/IEC 27001: 2013 certification. This certification demonstrates SendBird’s commitment to maintaining and improving our information security and data protection.
ISO 27001 is an international standard that “specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system” (ISMS). An ISMS is a systematic framework of procedures to help companies manage important information and keep it secure within an organization – this information includes policies, assets, operational processes, people, third-party data and more.
SendBird worked with an independent audit firm to carry out an evaluation that verifies our compliance and the implementation of all mandatory specifications.
Our road towards ISO 27001 certification and the commitment to information security that it signifies didn’t happen in an instant. Rather, it had been a long-time goal from the outset of our company and required a concerted effort from all aspects of the company.
Since working with Kookmin Bank – Korea’s largest financial institution – over the past two years, we recognized the important of implementing internal security controls to properly manage our data and processes so that we can securely serve all institutions, from enterprises like banks to small businesses and startups.
“Security and compliance has always been one of our top priorities,” says Brandon Jeon, Head of Trust and Safety at SendBird, “and we are hard at work to ensure that SendBird continues to uphold all the standards of ISO 27001, not only for the sake of our company, but also for all of our customers and their users, too. Although our company is relatively young, this certification is a monument to the maturity of our information security.”
While we are proud to achieve ISO 27001 certification, we know that this is just another step towards our goal for greater security and data protection. We already comply with the General Data Protection Regulations (GDPR) and the EU-US Privacy Shield. Now that our ISO 27001 certification is in place, we will work in tandem with ISO standards to complete the SOC 2 Report and achieve HIPAA compliance. With these standards, we will become even better able to serve enterprise customers and to deliver a secure way to exchange credential information in the healthcare industry.
If you have any questions about SendBird’s security and data protection, feel free to reach out at [email protected].