Security is paramount. We lock our computers when we step away from our desks, we lock our cars when we go to the gym, and we lock our doors when we turn in for the night.
At Salesloft we invest that level of effort and so much more when it comes to data that flows into and out of our platform. Your data. Data about your customers that you’ve worked diligently to gather and maintain.
Enter our recent ISO 27001 certification and SOC 2 Type 2 report. Both of these achievements are important milestones for Salesloft as a company, but even more so for you. They signify our commitment as a service provider to implementing, designing and maintaining effective security controls and practices across our organization. We treat our customers’ data as if it were our own, and we welcome the opportunity to prove that through independent and objective assessments like these.
About the ISO 27001 Certification
ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system (ISMS). It sets forth a risk-based approach that focuses on adequate and proportionate security controls that protect information assets and give confidence to interested parties. Under ISO 27001, an organization must demonstrate communication of policies, effective treatment of security risks, achievement of information security objectives, and continuous improvement of the ISMS.
In order to achieve certification, an organization must undergo a two-stage assessment by an independent, accredited registrar against the ISO 27001 framework requirements and over 100 control activities. The details of our ISMS certification are publicly available here.
About the SOC 2 Type 2 Report
A SOC 2 examination, performed by an independent, certified public accounting (CPA) firm, is an assessment of a service provider’s security control environment against the trust services principles and criteria set forth by the American Institute of Certified Public Accountants (AICPA). The result of the examination is a report which contains the service auditor’s opinion, a description of the system that was examined, management’s assertion regarding the description, and the testing procedures performed by the auditor.
Salesloft completed a SOC 2 Type 2 examination, which means its controls were assessed based on their operating effectiveness over a 12 month period. The examination yielded an unqualified (i.e., “clean”) opinion, which is the best possible result for a SOC 2 assessment.
Other Noteworthy Security Matters at Salesloft
To learn more about these two milestones as well as other security and compliance efforts at Salesloft, from the perspective of our security team, visit https://salesloft.com/security-compliance.
If you have any questions regarding these milestones or about the security of our platform, please do not hesitate to contact us at [email protected].