How Your Vendor’s Security Practices Impact Your Business

Akeyless puts security at the heart of its service. The confidentiality, integrity, and availability of our customer’s data are our top priorities.

We understand (and as a security company, we encourage) that our customers do not blindly trust their vendors. Engaging with any vendor that handles your most sensitive data and infrastructure, requires a high level of transparency, so you can assess whether this vendor prioritizes the confidentiality, integrity, and availability of your data. 

Akeyless complies with many standards and regulations to ensure, and independently validate, that our security performance is continuously kept at the highest standards. We place significant resources and efforts towards remaining compliant with the latest standards and regulations, including FIPS 140-2, SOC 2, and ISO 27001:2013.

Akeyless is proud to announce that we received the ISO/IEC 27701:2019 certification to add to that list, which is a specific privacy extension to the ISO 27001:2013 certification. Let’s have a look at what these two standards are, and what they mean for Akeyless customers.

What is ISO 27001:2013 Certification?

ISO 27001:2013 is a globally recognized standard for establishing, implementing, maintaining, and continually improving an information security management system (ISMS), in order to help organizations secure their information assets. With this certification, we have improved our risk mitigation processes to secure your data.

What is ISO 27701:2019 Certification?

The ISO 27701:2019 standard provides a framework for Personally Identifiable Information (PII) Controllers and PII Processors, to manage privacy controls to reduce the risk to the privacy rights of individuals. To achieve this certification, Akeyless implemented a Privacy Information Management System (PIMS) to enhance the existing ISMS with privacy-specific controls. Now, Akeyless can more easily prove privacy compliance to our customer’s PII Controllers, within different jurisdictions, for example in the EU with the GDPR. 

Finally, Akeyless ensures you don’t have to relinquish your master keys with our patented DFC Technology. As a result,  Akeyless has Zero Knowledge of your data, and you keep full control of your keys.

Please visit our new Trust Center to read more about our continuing mission for transparency, security, and availability. 

See the Akeyless Vault in Action