Pipedrive, the global sales-first CRM and intelligent revenue management platform for small businesses, today announced that it has successfully renewed its ISO 27001:2013 certificate.
“As an award-winning SaaS solution provider, protecting the information and data of our stakeholders, including customers, shareholders and employees, is our top priority. Being an ISO 27001:2013 certified company demonstrates that Pipedrive’s information security management system aligns with international information security best practices. This allows us to make informed decisions based on risk management and ensure data integrity. We are committed to providing our customers with the assurance that their data is safe in our hands,” said John Mutuski, Chief Information Security Officer, Pipedrive.
Compared with Pipedrive’s previous certification, the company has widened its scope. Now, Tallinn (Estonia), Tartu (Estonia), Prague (Czechia), and Berlin (Germany) are certified. As to the services, the certification specifies the information security management system (ISMS), supporting Pipedrive Customer Relationship Management (CRM) Software as a Service (SaaS) Application hosted at Amazon Web Services (AWS) and Rackspace Technology. The ISMS includes hosting technical, administrative, and physical controls designed to secure its customer and employee information within the context of overall business risks.
Read More: GlobalLogic Acquires Fortech, a Leading Digital Engineering Company Based in Romania
The successful renewal of the certification demonstrates Pipedrive’s ongoing commitment to creating and maintaining the most stringent controls for protecting and securing information provided to it.
Read More: SalesTechStar Interview with Troy Townsend, CEO and Co-Founder at Zitcha
ISO 27001:2013 is an internationally recognized security standard specifying the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.