NEW YORK, May 22, 2019 – mParticle, the leading Customer Data Platform (CDP) for multi-channel consumer brands, today announced it is ISO/IEC 27001:2013 compliant and, in addition, has received its SOC 2 Type II audit report. The mParticle platform was purpose-built with enterprise-grade security measures in place, and these independent verifications further bolster mParticle’s customers with even greater confidence in the company’s security protocols.
ISO/IEC 27001:2013 is an Information Security Management System (ISMS) standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It requires a proactive approach to risk identification, the development of technical security controls to handle those threats and a continual review of these respective controls’ effectiveness.
After an extensive evaluation, mParticle was certified that it meets this comprehensive, internationally recognized standard. mParticle will continue to evolve its ISMS to comply with ISO 27001 and work in partnership with its auditors for annual assessments to ensure its program continues to operate effectively.
Service Organization Control (SOC) 2 reports are based on the American Institute of Certified Public Accountants’ (AICPA) Trust Services Criteria. SOC 2 Type II is an in-depth examination of a company’s internal control policies and practices over a set period of time. The goal is to assess and validate the implementation of best practices around corporate infrastructure, internal processes, data management, data privacy and security.
An audit conducted by a certified, third-party firm verifies that mParticle has in place the internal controls that meet the Trust Services Criteria for security, availability, processing integrity and confidentiality, and that they’re operating effectively.
“Security and consumer privacy have been part of our platform since day one,” said Will Rogers [pictured], Chief Information Security Officer (CISO), mParticle. “We’re excited to have met and surpassed these standards with the receipt of these reports, and we will continue to invest in our security controls to ensure the safety of our clients’ customer data.” More...