Leading Customer Engagement Platform Recognized for Ongoing Commitment to Information Security
Braze, the leading global customer engagement platform that delivers personalized messaging experiences across push, email, apps, and more announced it has obtained ISO 27001 certification, representing its continuous commitment to providing customers with the highest level of information security management. The certification was performed by Schellman & Company, LLC, an ANAB and UKAS accredited Certification Body.
ISO 27001 is a globally recognized security standard that sets requirements for an information security management system (ISMS) and specifies the conditions for establishing, implementing, operating, monitoring, maintaining, and improving a documented ISMS within the context of the overall business. It sets forth a risk-based approach with focus on adequate security controls to protect information and give confidence to customers. Braze is now recognized as fully compliant with the global security standard and is committed to continually developing our ISMS.
“Braze is bolstering its ongoing commitment to provide world-class security controls and practices through third-party audits and certifications including SOC 2 and ISO 27001,” said Jon Hyman, Chief Technology Officer and Cofounder at Braze. “We take pride in evaluating and constantly prioritizing the implementation of the highest forms of compliance with industry-standard data protection regulations. On top of our existing practices of complying with security and privacy rules for HIPAA and GDPR, these are security standards that our customers have come to expect from us.”
This announcement comes on the heels of the successful completion of the SOC 2 Type 2 examination which verifies security controls including infrastructure, software safeguards, and procedures in place for those with access to its systems. Additionally, Braze achieved compliance for HIPAA and The EU General Data Protection Regulation (GDPR) in 2018. Braze is best positioned to successfully navigate the rapidly evolving data security landscape, while being highly respective of clients and their end-user’s data privacy rights.