We are very proud to announce that Contentful is now ISO 27001-compliant. If you’re a Contentful customer, partner or employee, this is incredibly exciting. We’ve always been committed to upholding the highest standard of information security, and our efforts have been validated by the most important certification body.
In short: You can rest assured that your information and data are secure with us.
When companies need proof of their commitment to data and information security, they turn to the ISO 27001 certification. The certification requires meeting a set of rigorous information security standards, including the management of assets such as financial information, intellectual property, employee details and third party information. The scope of our certification includes all of our products, data centers and support processes.
Meeting the ISO-27001 standard goes far beyond a tick on a form, and instead includes thousands of pages of paperwork and meticulous and unrelenting review. You would think that a certification like the ISO 27001 would be industry standard, but unfortunately this isn’t the case.
There are still many CMS offerings on the market that don’t meet this standard, and working with them can be risky. Our certification gives us the framework to manage risks, therefore mitigating yours –– we’ve been certified as a reliable and trustworthy partner for your content. We hope this compliance program gives you confidence in Contentful’s ability to keep your information safe and secure.
Aside from letting you breathe easy, this certification also helps you:
Promote your own compliance requirements as mandated by PCI DSS, GDPR and others
Know that security is a priority at Contentful, and our senior management is accountable for information security
Focus on our value instead of worrying about security concerns. This is a big one for us! We’re happy to take one major worry off of your plate so that you can concentrate on creating, managing and distributing content to your digital platforms.
The work doesn’t stop here. A security program is a living thing that requires careful maintenance. Contentful’s security team — along with an extended circle of security champions — is constantly working to improve the program and keep information security risks under control.
Are you interested in reading more about Contentful’s commitment to information and data security? Check out these links:
Security at Contentful : Everything you need to know about security at Contentful starts here.
ISO 27001 and PCI DSS Certification - What this means for keeping you safe : Curious about the different certifications Contentful has? Here we go into detail about the ISO 27001 and PCI DSS certification, including what it means for your business.
Reducing the attack surface with static sites: What is an attack surface? And should you be worried about your system? Read more about static sites and how they improve your overall security.
Hacking Contentful : Our bug bounty program makes us safer than ever and keeps us accountable.