mParticle receives ISO 27001 certification and SOC 2 Type II attestation
Independent audits confirm mParticle’s privacy and security controls exceed internationally recognized standards and best practices.
NEW YORK, May 22, 2019 – mParticle, the leading Customer Data Platform (CDP) for multi-channel consumer brands, today announced it is ISO/IEC 27001:2013 compliant and, in addition, has received its SOC 2 Type II audit report. The mParticle platform was purpose-built with enterprise-grade security measures in place, and these independent verifications further bolster mParticle’s customers with even greater confidence in the company’s security protocols.
ISO/IEC 27001:2013 is an Information Security Management System (ISMS) standard published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It requires a proactive approach to risk identification, the development of technical security controls to handle those threats and a continual review of these respective controls’ effectiveness.
After an extensive evaluation, mParticle was certified that it meets this comprehensive, internationally recognized standard. mParticle will continue to evolve its ISMS to comply with ISO 27001 and work in partnership with its auditors for annual assessments to ensure its program continues to operate effectively.
Service Organization Control (SOC) 2 reports are based on the American Institute of Certified Public Accountants’ (AICPA) Trust Services Criteria. SOC 2 Type II is an in-depth examination of a company’s internal control policies and practices over a set period of time. The goal is to assess and validate the implementation of best practices around corporate infrastructure, internal processes, data management, data privacy and security.
An audit conducted by a certified, third-party firm verifies that mParticle has in place the internal controls that meet the Trust Services Criteria for security, availability, processing integrity and confidentiality, and that they’re operating effectively.
“Security and consumer privacy have been part of our platform since day one,” said Will Rogers, Chief Information Security Officer (CISO), mParticle. “We’re excited to have met and surpassed these standards with the receipt of these reports, and we will continue to invest in our security controls to ensure the safety of our clients’ customer data.”
The ISO 27001 certification and SOC 2 Type II report are part of a continued mParticle initiative to protect consumer interests on behalf of its customers. In 2018 mParticle led the launch of OpenGDPR, an open-source framework for capturing and distributing consent to ensure compliance with GDPR and proposed legislation, such as the California Consumer Privacy Act (CCPA).
mParticle is the leading customer data platform (CDP) for multi-channel consumer brands. Companies such as Starbucks, Burger King, NBCUniversal, Spotify, and Airbnb use mParticle to create a unified, real-time customer data pipeline that enables them to win in key moments of the customer journey. Founded in 2013, mParticle is headquartered in New York City with offices in Delray Beach, London, San Francisco and Seattle. The mParticle platform manages more than 500 billion API calls monthly. To learn more, visit: www.mparticle.com.
Head of Corporate Marketing, mParticle