OneLogin Achieves Another Compliance Milestone With ISO 27001 Certification
San Francisco, CA – Nov. 5, 2014 – OneLogin, the innovator in identity management, today announced it has achieved ISO 27001 certification, providing independent verification that OneLogin has implemented the latest and most rigorous information security management processes to protect its systems and customers. OneLogin is the first cloud-based identity management provider to obtain this certification of operational excellence, which is especially important to European organizations.
OneLogin’s ISO 27001 certificate, issued by an independent third party accredited by Germany’s National Accreditation Body (DAkks), maximizes trust and confidence in OneLogin’s IT infrastructure and security capabilities as companies increasingly rely on cloud-based providers to securely manage identities for applications such as Workday, Office 365, and Google Apps.
The certification also provides additional peace of mind to EU customers who are already taking advantage of the EU data residency option offered by OneLogin. “It is important for U.S. vendors to take globally recognized certifications like ISO 27001 seriously when engaging with European customers, especially when it relates to cloud,” said Lindsay Smith, Secretary General of Eurocloud. “It is equally important for customers to have a common benchmark against which to measure the providers they are considering to use.”
According to a 2014 Right Scale survey of technical professionals, 94 percent of organizations surveyed are running applications or experimenting with infrastructure-as-a-service. Despite the overwhelming desire to benefit from the cloud, a recent survey by OneLogin of business and IT leaders reveals that concern over data privacy and trust remains an impediment to further adoption. ISO 27001 is a formal specification for a management system that brings information security under explicit controls. It reaches across the organization, including security policy, asset management, human resources security, physical and environmental security, business continuity management, and much more. Because compliance with the specification is verified by independent auditors, certified organizations such as OneLogin must meet very clear and exacting standards.
“ISO/IEC 27001:2013 is a globally recognized and trusted standard that assures our customers of our commitment to managing their information securely, including maintaining the confidentiality, integrity, and availability of their data,” said Alvaro Hoyos, Director of Risk & Compliance at OneLogin. “It is the solid foundation upon which all our other security frameworks are built and is essential for the adoption of cloud-based solutions like OneLogin by companies facing strict regulations, such as Sarbanes Oxley and HIPAA in the U.S. and the Data Protection Directive in Europe. This is why we have invested significant time and resources to achieve ISO 27001 certification this year as a critical part of our overall security and compliance framework.”
In addition to ISO 27001 certification, as part of OneLogin’s efforts to strengthen its security and compliance framework, the company is now included in the Cloud Security Alliance’s Security, Trust and Assurance Registry (STAR), was awarded the Skyhigh Enterprise-Ready™ rating from the Skyhigh Networks CloudTrust Program, and published a SOC 2 Type 2 report earlier this year based on the new 2014 version of the AICPA’s Trust Services Principles and Criteria. All these efforts highlight OneLogin’s security and availability commitments to our customers and to being transparent about how we strive to meet those commitments.
OneLogin, the innovator in enterprise identity management, provides the industry’s leading SaaS solution for managing internal and external users across all devices and applications. OneLogin is the only “Challenger” in Gartner’s IDaaS Magic Quadrant, considered a “Major Player” in IAM by IDC, and ranked #1 in Network World Magazine’s review of SSO tools. OneLogin’s cloud identity management platform provides more than 1,000 customers with secure single sign-on, multi-factor authentication, integration with common directory infrastructures such as Active Directory and LDAP, user provisioning and more. OneLogin is SAML-enabled and pre-integrated with thousands of applications commonly used by today’s enterprises, including Microsoft Office 365, BMC Remedyforce, Box, Egnyte, EMC Syncplicity, Google Apps, Oracle CRM On-Demand, Salesforce.com, SuccessFactors, WebEx, Workday, ServiceNow, and Zendesk. OneLogin, Inc. is backed by CRV and The Social+Capital Partnership. Try OneLogin free at: http://www.onelogin.com/signup/ For more information: www.onelogin.com | Twitter: @onelogin.