Drum roll please… 🥁🥁🥁

SparkPost is Now ISO 27001 Certified

SparkPost officially has an ISO 27001 certification for our corporate systems and cloud products. We’re proud to have long-term trust by some of the world’s biggest brands with sophisticated email programs, and this internationally recognized certification is the latest achievement in our ongoing dedication to enterprises who deserve the highest level of security and compliance infrastructure. 

ISO 27001 is a globally recognized security standard that helps us provide customers with increased assurance in the security of their email programs. This certificate is widely known in the email industry, and it provides the requirements for an Information Security Management System (ISMS), in turn enabling SparkPost to better “manage the security of assets such as financial information, intellectual property, employee details, or information entrusted by third parties,” per ISO.org

The scope of the ISO 27001:2013 certificate for SparkPost supports our cloud email sending, all email analytics products, and Taxi for Email solutions. Essentially, this overarching program helps control risk across the entire network of users on these products – something we are very honored to deliver.

We’re Committed to Helping Enterprise Email Senders

Our customers are some of the most recognizable enterprises in the world – The New York Times, Zillow, Adobe, Booking.com – and they rightfully demand the highest level of security. We hold ourselves to high standards because we know how important it is to our global enterprise customers. The ISO certification makes us a true partner in security and makes it easier to do business together – from procurement to contracting, legal to auditing. The scope and depth of our security controls exceed what the industry has previously offered. With this latest ISO certification, we’re proud to show our customers and the overall email industry just how important security is to us. It’s in our DNA.

The ISO certification is a step forward in our commitment to security, but it’s certainly not the beginning of our journey. We’ve long held our products, services, and people to the highest standards of security and compliance. In addition to ISO 27001, we always make sure we can deliver to the enterprise, including:

  • Routinely achieving a SOC 2 Type II attestation, a well recognized U.S. standard for security. 
  • Employing certified security and compliance professionals (CISA, CISSP) with deep industry expertise. The team supports customers in highly regulated industries and ensures that SparkPost can deliver according to their compliance needs. 
  • Supporting privacy compliance required by GDPR, CCPA, and other data protection laws. SparkPost offers the ability to host accounts in the EU. 
  • Committing to a premier enterprise experience with services backed by industry-leading SLAs, taking another level of risk out of the equation for enterprise buyers.

Email Security is in Our DNA

So, I’d like to give a big hats off to all of the SparkPost team members who helped make this ISO 27001 certification a reality and continue to work hard for our security every day. Our customers deserve nothing less. 

For more information about SparkPost’s security policy visit our Security Center. As always, if you’re a SparkPost customer, please direct any questions to support or to your assigned TAM or CSM.

~James Sipe
VP of Compliance & IT Security