In the age of digital transformation, where data reigns supreme, safeguarding personal information is of utmost importance. At D-ID, we dedicate ourselves to leveraging the power of AI while upholding the highest level of security and compliance. That’s why we are thrilled to announce that we’ve recently achieved three prestigious certifications: ISO 27001, ISO 27017 for cloud security, and ISO 27018, the ISO equivalent of GDPR.
Understanding ISO Certification
The International Organization for Standardization (ISO) is an independent, non-governmental international organization that convenes experts to develop voluntary, consensus-based, globally relevant standards. ISO Certification signifies that our products meet industry expectations and our customers’ standards. It’s important to note that ISO Certification is performed by external certification bodies, not by ISO itself.
- ISO/IEC 27001:2013: This is the globally recognized standard for information security management systems (ISMS) and their requirements. Many other standards offer guidance on protecting data and being resilient against cyber threats. This standard helps organizations of all types and sizes secure their assets, such as financial information, intellectual property, employee data, and third-party entrusted data.
- ISO/IEC 27017:2015 Best Practices: This certification centers on cloud security, providing guidelines for both cloud service providers and customers to protect information in the cloud environment.
- ISO/IEC 27018:2019 Protection of Personally Identifiable Information in the Cloud: Specifically addressing the protection of personally identifiable information (PII) in public cloud services, this certification sets strict standards for PII processing. This emphasizes privacy and compliance with data protection laws like the GDPR (General Data Protection Regulation). Typically, an organization that implements these standards does so to protect its own assets. However, in the case of a public cloud service provider acting as a PII processor, the organization has a responsibility to protect the information entrusted to it by its customers.
The Significance of These Certifications
When an organization achieves ISO certification, it signifies that it has undergone a comprehensive assessment by an accredited certification body. This process involves a thorough examination of the organization’s operations, procedures, and systems to determine compliance with specific ISO standard requirements. Achieving certification is no small feat and underscores D-ID’s commitment to data security, privacy, and compliance.
ISO 27001 certification demonstrates our dedication to robust information security controls. We handle our customer data with a high degree of protection, reducing the risk of data breaches.
ISO 27017 certifies our adherence to best practices in securing data stored and processed in the cloud, assuring clients that they are shielded from cloud-related threats.
ISO 27018 showcases our commitment to respecting individuals’ rights regarding their personal data in the cloud.
These certifications are not simply handed out; they require rigorous auditing and assessments, along with a steadfast commitment to maintaining the highest standards of data protection and privacy. It’s a commitment we make to our customers. As we move forward, we pledge to uphold these high standards and continually enhance our practices to adapt to the ever-evolving world of data security and privacy. Your sensitive information is in safe hands here at D-ID.