Storyblok receives ISO 27001 certification

Contents
    Try Storyblok

    Storyblok is the first headless CMS that works for developers & marketers alike.

    Today, we’re pleased to share some exciting news: Storyblok is now ISO 27001 certified! This certification indicates that we’ve demonstrated rigorous adherence to the highest international standards of security. Let’s take a closer look at what that means and how it’ll affect our enterprise customers.

    Storyblok editing capabilities

    What is ISO 27001?

    The International Organization for Standardization (ISO) is a body that develops and publishes international standards. These help to ensure that all members of our global community can agree on criteria that indicate high-quality performance in certain areas. 27001 in particular are the standards that dictate the management of information security. It applies to everything from financial information to user data and employee details. By judging companies against their abilities to meet these expectations, users can confidently pick one that’s doing everything they can to safeguard their data and users.

    Long story short, it’s a top-tier confirmation of cyber safety.

    Unfortunately, the importance of ISO 27001 compliance doesn’t mean that it’s commonplace. Not every CMS out there can say they’ve earned it for all areas of their organization. That’s one of the reasons we take pride in our new certification – we’ve put in the time and resources to prioritize providing the most secure experience possible.

    How Storyblok earned its certification

    Earning the ISO 27001 isn’t easy. Storyblok had to prove itself to be a leader of this category in its legal, physical, and technical approaches. To do so, we demonstrated how we hold ourselves to the highest safety standards with practices such as:

    • Continuously auditing our infrastructure and implementing the latest precautions including contingency plans

    • Threat modeling and risk assessment during the secure software development process per the OWASP code review guide

    • Data privacy practices that rely on encryption and GDPR-compliant storage

    This isn’t a one-time deal, either. Adherence to the ISO 27001 standards has to be routinely proven. This ensures that we’re staying on the cutting edge of digital safety measures for the benefit of our users and partners. It also means we’re focused on getting ahead of potential issues long before they can threaten our users.

    And it’s not just in our operations! We’ve also earned ISO 27001 certification in our other practices too, most notably software development. That means we’re writing every line of code with the end user’s safety in mind. From start to finish, we’re monitoring any potential security issues and getting ahead of them.

    What our ISO 27001 certification means for you

    Data breaches costs in the United States rocketed to $4.24 million on average in 2021. That’s proof enough that security failures can be devastating – and that’s before you even consider how your public image could suffer as a result. Avoiding these dire consequences by any means possible is a priority.

    We help you do that right from the start. Storyblok’s MACH architecture means that it's built to minimize your risk. Neatly segmented APIs mean that any breaches are naturally confined to a single arm of your organization. The lack of a rigid frontend/backend connection also means that a threat to one side doesn’t necessarily impact the other.

    However, our ISO 27001 certification proves that our commitment to data safety goes beyond that foundation. It isn’t just an empty title. It’s a third-party approved guarantee that we’re meeting best-in-class international security standards through continuous refinement of our policies.

    Here at Storyblok, we’re always striving to be the best. This certification is just another reflection of our commitment to providing a stellar experience for all of our users. So feel free to focus on your enterprise organization’s content – we’ll make sure it stays safe and sound on one of the world’s most secure CMSs.

    Want to learn more about our commitment to security? Take a look at our Privacy Policy or visit our Trust Center.