What is ISO Certification?
The International Organization for Standardization (ISO) has developed a set of globally recognized standards for information and community security. These are intended to help companies to develop reliable and innovative products and services.
elastic.io is now ISO 27001 certified. The certificate recognizes that systems, applications and processes in the following functions are compliant with Information Security Management Systems best practices:
- Product Development
- IT Operations
- Human Resources
What is ISO 27001 Certification?
ISO 27001 is recognized worldwide as the most important standard for information security management systems (ISMS). In addition, this standard includes the best practices for security that are already listed in the ISO 27002 standard.
How does elastic.io comply with ISO 27001?
We at elastic.io keep our comprehensive physical, technical and legal regulations and measures up to date and continually improve them to live up to the trust our customers and users place in us and our platform.
Our auditor DQS Holding GmbH is ISO 27001 certified by the German Accreditation Body GmbH (DAkks). Following this link, you will find the ISO 27001 certificate for the operation and development of the IPaaS platform elastic.io.
Statement of Applicability (SoA)
Our customers are welcome to request a copy of the SoA by contacting us. In individual cases, the conclusion of a non-disclosure agreement (NDA) may be necessary in this context.
ISO 27001-specific employee training
Several times a year, all of our employees receive training in the following areas:
- Security Awareness
- Information Security Management System (ISMS)
- Incident management
Supplier selection and evaluation
When selecting its suppliers, elastic.io pays close attention to the existence of a corresponding SOC 3 or ISO 27001 certificate in all essential areas relevant to ISO 27001 compliance. The validity and applicability of the corresponding certificates are checked at regular intervals.
List of important suppliers:
- Google (Google Cloud Platform (GCP))
- Amazon (Route 53, DNS)
- Microsoft Azure
- Github (via Microsoft)
- Zenhub
- Bitwarden
- Dropbox
The names listed are trademarks of the respective companies.
Resources
- The ISO 27001 certificate (444KB, PDF).
- Information Security Management Criteria and Related Controls document (216KB, PDF).