Skip to main content

ConfigCat just got ISO 27001 certified

· 2 min read

ConfigCat is proud to offer a robust, comprehensive feature flag service for software engineers to utilize safe trunk based development.

ISO-27001

Companies must use the most up-to-date standards when developing their unique Information Security Management System, as information security becomes significantly more difficult to protect the more an organization grows (ISMS).

We believe a large part of providing superior service is ensuring the security of our users' data. As such, we're pleased to announce that the newest ISO 27001 governance system has just been implemented as the next step in strengthening our ISMS to maintain the highest possible industry standards of security practices. The new certification establishes a global set of criteria.

Why is ISO certification important?

Implementing a framework similar to the GDPR significantly improves SOC2 and NIST compliance by reducing the need for audits and lowering the risk of fines from GDPR non-compliance. Few competitors have implemented ISO 27001, so this should aid with making an informed decision about which feature flag service to use.

What makes us so proud of this?

The new certification is recognized as a global standard by the International Electrotechnical Commission and the International Organization for Standardization. The certification process is pretty rigorous, beginning with a gap assessment, Statement of Applicability, and e-learning managed by a bespoke Implementation Manager tool, and ending with an independent evaluation from an expert, ensuring that this new governance system is reserved only for dedicated applicants.

Other advertised advantages include mandatory annual risk assessments to keep everyone on the same page about when to review the system and, if necessary, implement changes. In conjunction with the aforementioned certification process, GDPR-friendly framework, and other enhancements, these assessments ensure that the company adheres to a bulletproof ISMS and that our reputation as a secure service is enhanced.

We hope that this latest enhancement to our services will reinforce the trust we've built with our users over time, and we thank you all as we continue to improve the security of our service.