Zoom Video Communications : Gains New Security Certifications and Attestations
December 17, 2021 at 11:49 am EST
Share
Security & Privacy
Zoom Gains New Security Certifications and Attestations
Heather Ceylan
December 17, 20212 min read
Third-party certifications and attestations serve as industry-defining standards that help demonstrate a security program's effectiveness, allowing organizations to provide assurance over the security of their products and services.
At Zoom, third-party certifications and attestations are integral to our security program's foundation and allow us to provide customers with transparency into our security program and control environment. That's why we're excited to expand our list of industry-recognized certifications and attestations with two new additions: ISO/IEC 27001:2013 and SOC 2 + HITRUST.
ISO/IEC 27001:2013
Zoom Meetings, Zoom Phone, Zoom Chat, Zoom Rooms, and Zoom Video Webinars are now certified as International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC) 27001:2013 compliant. Conducted by an independent third-party auditor, the ISO/IEC 27001:2013 certification is a widely recognized, international standard that specifies security management best practices and comprehensive security controls. It requires the development and implementation of a rigorous security program, including operationalizing an Information Security Management System (ISMS). An ISMS is designed to help manage, monitor, review, and continuously improve an organization's security program.
SOC 2 + HITRUST
Zoom has expanded the scope of its existing SOC 2 Type II report to include additional criteria to meet Health Information Trust Alliance Common Security Framework (HITRUST CSF) control requirements. HITRUST is a security framework that leverages nationally and internationally accepted standards and regulations such as GDPR, ISO, NIST, PCI, and HIPAA.
Zoom's SOC 2 + HITRUST report provides a transparent look at the controls in place that protect the security and availability of the Zoom platform as they align with the American Institute of Certified Public Accountants (AICPA) Trust Services Principles and Criteria and the HITRUST CSF. This attestation applies to Zoom Meetings, Zoom Phone, Zoom Chat, Zoom Rooms, and Zoom Video Webinars.
A commitment to the Zoom experience
At Zoom, we strive to create a seamless and secure experience for our users. Our compliance with these internationally-recognized standards helps demonstrate our commitment to data protection and user security. As we continue to evolve our security program here at Zoom, third-party certifications and attestations will continue to serve as a critical component of our work to create a platform built on trust.
Want to learn about our certifications and attestations? Visit our Trust Center or chat with a Zoom expert one-on-one today.
Don't forget to share this post
Attachments
Original Link
Original Document
Permalink
Disclaimer
Zoom Video Communications Inc. published this content on 17 December 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 17 December 2021 16:48:01 UTC.
Zoom Video Communications, Inc. provides an all-in-one intelligent collaboration platform. It provides a unified communications and collaboration platform that delivers fundamentally changes how people interact, connecting them through frictionless and secure meetings, phone, chat, content sharing and more. Its products are grouped under various categories: Core Communications, AI, Employee Experience, Customer Experience and Developer Ecosystem. Core Communications products include Zoom Meetings, Zoom Phone, Zoom Team Chat and others. AI products, such as Zoom AI Companion. Employee Experience products include Zoom Rooms, Workspace Reservation, Zoom Docs and other. Customer Experience products, such as Zoom Contact Center, Zoom Virtual Agent, Zoom Events and others. Developer Ecosystem products include Zoom Developer Platform, Zoom App Marketplace and Zoom Apps. It serves various industries, including education, entertainment/media, enterprise infrastructure, finance, and others.