Company

Sisu achieves ISO 27001 certification

By Brent Goldman - March 23, 2021

Almost one year after we unveiled our comprehensive security program at Sisu, I’m excited to announce that we have reached the next milestone in our maturity as a trusted, enterprise-grade platform – Sisu has earned our ISO 27001 certification, verified by PECB MS. ISO 27001 is the most widely recognized international security standard, and this certification demonstrates our commitment to protecting our customers and their data.

We frequently talk about the speed and power of Sisu’s augmented intelligence technology and the benefits of fast, comprehensive analysis for our customers. Giving our customers the ability to take decisive action when business conditions change helps set them apart from their competitors. But just as critical as the confidence our customers have in the integrity of the insights Sisu generates is the way Sisu treats their data.

Today’s ISO 27001 announcement is critical for maintaining that confidence. Our mission is to operationalize the world’s data and let everyone in an organization analyze, understand, collaborate, and act using all of their data. That doesn’t happen without real trust in how we handle their data across their stack.

In April of last year, we established our trajectory with our SOC II Type 2 certification, a critical audit of how we safeguard customer data and the effectiveness of those controls, and by passing our HIPAA security rule audit which ensures we fully support our customers’ efforts to safeguard Protected Health Information (PHI). In the eleven months since, we’ve aligned the entire company around the strategic importance of security, compliance and control, and the critical role employees play in upholding our customers’ trust. Leaders at companies of all sizes — from the Fortune 100 to fast-growing disruptors — are confident that they can trust their decisions and their data to Sisu.

Our security principles have always aligned with the ideals of the ISO 27001 standard:

  • Uphold trust.
    Speed and security are not enemies. We work to earn and maintain the trust of our users, who entrust us with their most critical data and decisions.
  • Less is more.
    By design, Sisu does not store customer data. Our secure connections to our customers’ data warehouses ensure the protection of data and the analysis from end to end.
  • Your data, your controls.
    We give our customers the controls they need to protect, govern, and audit access to their valuable datasets, as well as the analysis in our platform.

Looking back over the year, we have continually invested in the overall security of our platform. “Uphold Trust” is not only a core cultural value – it’s a principle our CEO Peter established when he founded Sisu. While it’s an ongoing process to build and maintain a comprehensive security program, our work to date has resulted in a strong foundation and a clear direction for future work.

As we’ve said before, the Sisu team wants to hear from you, whether you’re a customer, employee, or just interested in our platform. Please contact us at [email protected] with any questions, concerns, or if you believe you may have identified an issue.


Read more

Upholding Trust: Sisu Achieves SOC 2 Type II, HIPAA, and Privacy Shield Compliance

Sisu achieves SOC 2 Type II certification, HIPAA security rule compliance, and certification under the EU-U.S. Privacy Shield Framework.

Read more

Security at Sisu

An introduction to Richard Reinders, Head of Security at Sisu. Dive into our current investments in security at Sisu and where we’re headed in the immediate future.

Read more