Alation Achieves ISO 27001 Certification

By Zlatko Unger

Published on March 27, 2020

Alation helps enterprises foster self-service analytics, drive digital transformation and create data culture. We do that by making it easy to find, understand and ultimately, trust data. That trust must also extend to the data catalog itself. To ensure that the Alation Data Catalog provides a secure and reliable solution for our customers, our security team created a secure space for the development of the data catalog.

Alation has a number of global enterprise customers in the financial services, healthcare, insurance, and technology industries. These organizations are subject to rigorous internal and external regulations and information security standards. They are able to continue meeting their security and compliance objectives with Alation as an integral part of their environment — both by applying organization-specific controls and by leveraging the strength of Alation’s product and operational security.

Information Security Management System Certified ISO 27001

We are pleased to share that as of January 29, 2020, Alation is an ISO/IEC 27001:2013 certified provider with an Information Security Management System (ISMS) that has received third-party accreditation from the International Standards Organization. Our certificate is available here.

ISO/IEC 27001:2013 is an information security management system standard published in October 2013 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

Our accredited auditors found Alation to have technical controls in place and formalized security policies and procedures. Alation has implemented several security measures and countermeasures that protect it from unauthorized access or compromise, and IT personnel were found to be conscientious and knowledgeable in best practices.

Compliance with this internationally recognized standard confirms that Alation’s security management program is comprehensive and follows leading practices. The scope of our ISO/IEC 27001:2013 certification includes:

  • The management of information security program to protect all the assets used for design, development, and support of data cataloging software; and

  • Controls and the supporting processes which are in line with the Statement of Applicability Worksheet version 1.2, dated December 9, 2019.

This certification demonstrates our continued commitment to information security at every level and ensures our customers that the security of data and information has been addressed, implemented, and properly controlled in all areas of our organization.

More information about our product’s security and operational security is available on our security page.

Tagged with