As the leader in enterprise revenue intelligence, data sits at the center of everything we do. Our technology is purpose-built to help customers automatically capture the data and insights that fuel today’s go-to-market strategies, so they can engage the right people, in the right accounts, to better achieve their pipeline- and revenue-generating goals. 

Of course, part of any discussion that involves data needs to focus on security, privacy, and compliance. As the Chief Information Security Officer (CISO) at People.ai, helping protect our customers’ sensitive data is my number one priority. Part of that responsibility entails continuously hardening our information security management system – putting it through the rigors of extensive third-party audits and achieving industry-standard certifications that validate our ability to insulate customers from today’s advanced cybersecurity threats. 

With that charter in mind, I am very pleased to announce that People.ai has attained the following certifications for our information security management system:

  • ISO 27701:2019 | Privacy
  • ISO 27017:2015 | Cloud Computing
  • CSA STAR Certification

These achievements build on our current certifications for ISO 27001:2013 and SSAE-16 SOC 2 Type 2 compliance. 

What do these certifications mean for you, our valued customer?

Protecting your information is a vital part of one of our core company values – “The Customer Is Everything.” In an era where security breaches are costing people and companies billions of dollars in lost revenue, fees, and other penalties, we know that maintaining your trust – as well as the trust of your customers and employees – is paramount to our mutual success. 

Obtaining these latest certifications is a testament to this principle of trust and reliability. We know your time is valuable and needs to be spent on making the best use of your GTM data to achieve your business goals and service your customers – without the threat of being compromised. And we will continue to strive for additional certifications so you feel confident, comfortable, and protected when using our technology. 

You can read more about each of these certifications, as well as the standards we meet, by reading below. You can also learn more about how our technology meets all essential enterprise-grade security requirements by reviewing our web page

Finally, in closing, I want to personally thank each of you for your continued business and partnership. We continuously strive to create a security-first culture at People.ai, and data security is a distinctive strength of what we offer to the marketplace. 

My best wishes and gratitude goes out to all of you as we embark on a new year. 

ISO 27701:2019 and ISO 27017:2015 

The ISO 27701:2019 and ISO 27017:2015 standards are set by the International Organization for Standards (ISO). The standards set systematic approaches to securely managing information and information systems. Certification must be conducted by an independent auditor who determines whether a company has a coherent, systematic set of policies in place to protect information and whether those policies are followed. Companies that achieve ISO 27701:2019 and ISO 27017:2015 certifications demonstrate that they adhere to privacy and cloud computing best practices, policies, and procedures that include more than just logical and physical security controls. Certification attests to management’s commitment to protecting information, by prioritizing it as a business requirement.

ISO 27701:2019 is a rigorous third-party independent assessment of the Privacy Information Management System (PIMS) of a cloud service provider.

ISO/IEC 27701:2019 specifies requirements and guidelines to establish and continuously improve a PIMS, including the processing of personally identifiable information (PII) and is an extension of the ISO/IEC 27001 standards for information security management. It provides a set of additional controls and associated guidance that is intended to address public cloud PIMS and PII management requirements that aren’t addressed by the existing ISO/IEC 27001 control set, for both processors and controllers.

The certification demonstrates that a cloud service provider has an effective PIMS in place to support customers, who may be working towards compliance with the European General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other data privacy regulations. The independent third-party assessment of People.ai’s alignment to this internationally recognized code of practice demonstrates that People.ai is committed to the privacy and protection of customers’ content and can help customers in pursuing their international and local compliance objectives.

ISO/IEC 27017:2015 certification is an international standard that aligns with and complements the ISO/IEC 27001:2013 with an emphasis on cloud-specific threats and risks.  ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

  • Additional implementation guidance for relevant controls specified in ISO/IEC 27001; and 
  • Additional controls with implementation guidance that specifically relate to cloud services.

CSA STAR Certification 

In addition to the new ISO certifications, People.ai is excited to announce that we have achieved CSA STAR certification as a part of our ISO 27001:2013 certification. The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, recently announced a series of updates to Cloud Controls Matrix (CCM) v4, CSA’s flagship cybersecurity framework for cloud computing. CSA STAR Certification for ISO 27001:2013 is a technology-neutral certification that makes use of the CSA CCM and the requirements of the ISO/IEC 27001:2013 management system standard.