Join the 7/21 live chat & demo: How to turn KYB & KYC into your competitive advantage


Persona achieves ISO 27001 certification

Learn what this certification means for you and what's next.

Read time:
Share this post
Table of contents
⚡ Key takeaways

At Persona, our goal is to enable trust between businesses and their customers. One of the biggest ways we do this is by ensuring we keep PII and other data stored in our system safe. That’s why we’re proud to announce that we’ve obtained our ISO 27001 certification.

What is ISO 27001?

ISO 27001 is a rigorous certification that demonstrates our Information Security Management System (ISMS)’s adherence to international standards set by the International Organization for Standardization. It’s one of the most widely recognized and globally accepted security and privacy certifications an organization can obtain and demonstrates our commitment to maintaining and protecting information security.

What does our ISO 27001 certification mean for you?

While our SOC 2 certification shows that we have the proper controls to keep data secure, confidential, and private, our ISO 27001 certification expands our security posture by demonstrating our commitment to continuous improvement, development, and protection of sensitive data by implementing appropriate risk treatments, policies, and controls. 

To get certified, we had to pass an extensive audit and demonstrate a systematic and documented approach to protecting and managing sensitive company and customer information — such as intellectual property, employee and customer data, and other information third parties trust us with — via enterprise-grade best practices.

Specifically, our ISMS includes:

  • Continuous monitoring of over 100 internal security controls against the highest possible standards to ensure we remain compliant
  • Annual security trainings to ensure each Personerd employs best practices when handling customer data
  • Data encryption (both in transit and at rest)
  • Annual internal audits conducted by independent and competent personnel, as defined by the ISO standard
  • Secure software development that uses data security and vulnerability checks throughout the development lifecycle
  • Risk management program driven by annual risk assessments and their resulting Risk Treatment Plans

In short, you can trust that we have implemented policies, processes, and people to keep your data secure. Our certification shows that we meet the highest standards for establishing, implementing, maintaining, and continually improving our ISMS.

What’s next?

At Persona, security is at the forefront of everything we do. In addition to recertifying every year, we plan on continuing to pursue additional security measures and certifications to demonstrate our commitment to security and privacy. For example, we’re currently applying to become a NIST 800-63 rev.3 service provider. We’re also GDPR, CCPA, and HIPAA compliant, further validating our secure data practices.  

You can request our ISO 27001 report by contacting us at and learn more about our other certifications and security measures on our Security Page.

Frequently asked questions

No items found.

Continue reading

Continue reading

Power all of your identity operations with Persona's identity infrastructure

Power all of your identity operations with Persona's identity infrastructure

Businesses can build and unite any part of their identity operations with Persona’s configurable building blocks.

Introducing Workflows: automations for any use case

Introducing Workflows: automations for any use case

From setting custom rules to triggering actions, Workflows is a flexible, intuitive, and powerful way to automate your identity processes and more.

Our Series B and the future of Persona

Our Series B and the future of Persona

We’ve raised $50 million to bring us one step closer to becoming the identity layer of the internet.

Ready to get started?

Get in touch or start exploring Persona today.