Cvent Reinforces Commitment to Data Privacy and Information Security by Renewing ISO 27001 and Obtaining ISO 27701 Certifications
Cvent, a market-leading meetings, events, and hospitality technology provider, announced today that the company has renewed its ISO 27001 (data security) and obtained its ISO 27701 (data privacy) Certifications. ISO Certifications are obtained through a comprehensive process that includes an independent third-party audit and validation. Cvent has obtained the ISO 27001 Certification every year since 2016. The ISO 27701 Certification first became available in August 2019, and it was important for Cvent to obtain this Certification to provide the events industry comfort with our data privacy policies and procedures.
The announcement further expands on Cvent’s already comprehensive compliance achievements including:
- ISO 27001-2013: Cvent’s successful achievement of ISO 27001 six years running highlights the company’s commitment to information security and offers high levels of data protection assurance to customers around the globe.
- ISO 27701:2019: This privacy extension to ISO 27001 provides a framework that measures how companies manage privacy controls to reduce the risk to the privacy rights of individuals, and further demonstrates that Cvent’s privacy management system adheres to applicable privacy requirements.
- SOC 1 / SOC 2 Compliance: Audited by the British Standards Institution (BSI), SOC 1/SOC 2 certification demonstrates that Cvent has the appropriate security and controls in place to mitigate potential risks to their business and customers. Cvent has maintained SOC 1 / SOC 2 compliance for five years.
- Payment Card Industry Data Security Standard (PCI DSS): Cvent safeguards cardholder data by complying with these important security standards to reduce credit card fraud and protect personal financial data.
- Cloud Security Alliance (CSA STAR): As a cloud service provider, Cvent understands the need to maintain and continuously optimize strong cloud security controls to safeguard customer data. As part of its CSA STAR certification, Cvent is listed on the CSA’s public registry. Only those Cloud Service Providers who undergo and pass the CSA Cloud Controls Matrix evaluation obtain a listing on the registry.
- E.U. General Data Protection Regulation (GDPR): Since 2018, Cvent has been a thought leader regarding compliance and has invested significant resources into the data security and privacy resources necessary to monitor compliance with this expansive regulation.
“As a market-leading technology provider with more than 230,000 users around the world, it’s imperative that we offer robust data security and compliance,” said Vice President and Chief Information Security Officer of Cvent, Ben Mayrides. “In an increasingly digital world, questions about how and where customer information is being collected, stored, processed and secured in the technology supply chain are top of mind for everyone. These certifications and accreditations highlight our continued commitment to data privacy and information security. By maintaining the security and compliance standards needed to obtain these certifications, our customers know that their information is being protected and processed appropriately; and can focus on driving their businesses forward rather than on data security and privacy concerns.”