MoEngage Achieves ISO 27001:2013 Compliance, Sets Up Information Security Management System (ISMS), and Bolsters Commitment to Security and Data Privacy

  • UPDATED: 18 July 2023
  • 2 min read
article

Reading Time: 2 minutes

At MoEngage, we prioritize safeguarding customer data. To that end, I’m pleased to announce that we have achieved the ISO 27001:2013 Compliance. We’ve set up an Information Security Management System (ISMS) and completed the process as per the ISO/IEC 27001:2013 audit conducted by the BSI Group.

The certification applies to customer success, engineering, HR, IT, finance and legal, administration, sales, and marketing.

What does achieving ISO 27001:2013 Compliance mean for MoEngage?

ISO 27001 bolsters security controls, practices, and postures. The certification dictates systematic management of sensitive information by developing Information Security Management Systems (ISMS). The certification recognizes our compliance with stringent, international security standards. We’ve performed a comprehensive assessment of security risks and set up the ISMS, complying with ISO standards.

Composed of 14 control sets outlined in Annex A of ISO 27001, it considers:

  • Information Security Policies
  • Organization of Information Security
  • Human resource security
  • Asset Management
  • Access Control
  • Cryptography
  • Physical and Environmental Security
  • Operations Security
  • Communications Security
  • System Acquisition
  • Development and Maintenance
  • Supplier Relationships
  • Information Security Incident Management
  • Information Security Aspects of Business Continuity Management and Compliance.

The core sections of ISMS include risk assessment, asset management, security policy, and organization of information security. Risk assessment involves the identification of asset vulnerabilities and confidentiality risks. The security policies ensure consistent control is applied. Asset management requires the organization to maintain an asset register of all valuable data. Organization of information security reflects the organization’s desire to invest in internal training and setting up ISMS.

What does ISO 27001 Certification mean to MoEngage customers?

Apart from safeguarding asset confidentiality and integrity, here’s how our customers can benefit:

  • Optimized processes: We have well-defined processes, fast turnaround times, and quick resolution of pain points. The ISO 27001 certification helps us become more streamlined thus helping you.
  • Improving the security of valuable assets: We’ve always prioritized the security of customer data. The certification ensures we secure our customer data against potential threats, frauds, or cyber-attacks.
  • Promoting trust and transparency: In a world plagued by cybersecurity threats, we’ve always promoted transparency among customers. The ISO 27001 ensures we meet the highest security standards so that our customers can rest easy.
  • Improved strategies for information security: Leading up to our ISO 27001 certification, qualified information security experts have audited our security practices. As a follow-up, we reinforced our security processes with industry best practices to successfully mitigate any potential breach. This practice has helped us distill the documentation into clearly defined security measures circulated across the board.
  • Consistent risk monitoring: Implementing the ISO-compliant ISMS helped reinforce stringent policies to protect information irrespective of where it is stored. The implementation enabled us to develop action items and tackle potential threats. We further aim to set up routine leadership checks on the functioning of the ISMS and make adjustments as needed.

We are committed to the data privacy and the security of our customer’s valuable assets. As such, our top priority is to instill trust and confidence in our insights-led engagement platform. To ensure secure processing of data residing with us, we’ve assembled a team of highly qualified product managers, engineers, and compliance experts.

We’re compliant with GDPR and CCPA and provide secure authentication and Single Sign-On option. You can check our commitment to data security here.

Achieving the ISO 27001:2013 compliance was always on the radar, and we’re glad to have reached this landmark. Adding this feather to our cap will help in safeguarding data privacy better than ever.