Announcement

Persona achieves ISO 27001 certification

Learn what this certification means for you and what's next.

Icon showing persona branding
Last updated:
2/24/2024
Read time:
Share this post
Copied
Table of contents
⚡ Key takeaways

At Persona, our goal is to enable trust between businesses and their customers. One of the biggest ways we do this is by ensuring we keep PII and other data stored in our system safe. That’s why we’re proud to announce that we’ve obtained our ISO 27001 certification.

What is ISO 27001?

ISO 27001 is a rigorous certification that demonstrates our Information Security Management System (ISMS)’s adherence to international standards set by the International Organization for Standardization. It’s one of the most widely recognized and globally accepted security and privacy certifications an organization can obtain and demonstrates our commitment to maintaining and protecting information security.

What does our ISO 27001 certification mean for you?

While our SOC 2 certification shows that we have the proper controls to keep data secure, confidential, and private, our ISO 27001 certification expands our security posture by demonstrating our commitment to continuous improvement, development, and protection of sensitive data by implementing appropriate risk treatments, policies, and controls. 

To get certified, we had to pass an extensive audit and demonstrate a systematic and documented approach to protecting and managing sensitive company and customer information — such as intellectual property, employee and customer data, and other information third parties trust us with — via enterprise-grade best practices.

Specifically, our ISMS includes:

  • Continuous monitoring of over 100 internal security controls against the highest possible standards to ensure we remain compliant
  • Annual security trainings to ensure each Personerd employs best practices when handling customer data
  • Data encryption (both in transit and at rest)
  • Annual internal audits conducted by independent and competent personnel, as defined by the ISO standard
  • Secure software development that uses data security and vulnerability checks throughout the development lifecycle
  • Risk management program driven by annual risk assessments and their resulting Risk Treatment Plans

In short, you can trust that we have implemented policies, processes, and people to keep your data secure. Our certification shows that we meet the highest standards for establishing, implementing, maintaining, and continually improving our ISMS.

Chat with a product expert
See a demo of Persona's identity platform

What’s next?

At Persona, security is at the forefront of everything we do. In addition to recertifying every year, we plan on continuing to pursue additional security measures and certifications to demonstrate our commitment to security and privacy. For example, we’re currently applying to become a NIST 800-63 rev.3 service provider. We’re also GDPR, CCPA, and HIPAA compliant, further validating our secure data practices.  

You can request our ISO 27001 report by contacting us at [email protected] and learn more about our other certifications and security measures on our Security Page.

Published on:
10/5/2022

Frequently asked questions

No items found.

Continue reading

Continue reading

Persona ranked 1st across all evaluated Use Cases in 2024 Gartner® Critical Capabilities report, positioned highest for Ability to Execute in inaugural Magic Quadrant™ for Identity Verification
Persona ranked 1st across all evaluated Use Cases in 2024 Gartner® Critical Capabilities report, positioned highest for Ability to Execute in inaugural Magic Quadrant™ for Identity Verification
Announcement

Persona ranked 1st across all evaluated Use Cases in 2024 Gartner® Critical Capabilities report, positioned highest for Ability to Execute in inaugural Magic Quadrant™ for Identity Verification

See how Persona was evaluated in the inaugural Gartner® Magic Quadrant™ for Identity Verification and Critical Capabilities report, and learn more about our configurable approach to identity.

Workforce security redefined: Persona and Okta partner to verify identities and protect against phishing and deepfakes
Workforce security redefined: Persona and Okta partner to verify identities and protect against phishing and deepfakes
Announcement

Workforce security redefined: Persona and Okta partner to verify identities and protect against phishing and deepfakes

Enforce identity verification throughout the employee life cycle using Persona and Okta’s out-of-the-box integration for identity verification.

Build bespoke age verification with Persona
Build bespoke age verification with Persona
Announcement

Build bespoke age verification with Persona

When thinking about age verification, balancing regulations and privacy can seem overwhelming. That’s why we offer a configurable age verification solution built to serve the needs of your business.

Persona achieves SOC 2 Type 2
Announcement

Persona achieves SOC 2 Type 2

Security and privacy aren’t just features — they are part of our identity.

Announcing Persona’s $150M Series C
Announcement

Announcing Persona’s $150M Series C

We've raised a $150M Series C to continue growing our identity infrastructure platform built to support real people, not user IDs.

Persona named one of the best authentication solutions by Cybernews
Industry

Persona named one of the best authentication solutions by Cybernews

See what sets Persona apart from other solutions.

Ready to get started?

Get in touch or start exploring Persona today.