SparkPost now ISO 27001 Certified

SparkPost announces it has been granted ISO 27001 certification for its corporate systems and cloud products. SparkPost has long been trusted by some of the world’s most sophisticated enterprise-level email senders such as The New York Times, Zillow, Adobe and This new internationally recognized certification is the latest development demonstrating the company’s dedication to its enterprise customers that demand the highest level of security and compliance practices and infrastructure. 

The scope of the ISO 27001:2013 certificate for SparkPost comprises the Information Security Management System (ISMS) supporting the operations underlying SparkPost Cloud Email Sending, all email analytics products, and Taxi for Email solutions. The organizational coverage includes the Governance, Risk and Compliance (GRC), Information Security, Information Technology (IT), Infrastructure Operations, Product Development, Facilities, Sales & Marketing, and General & Administrative teams affecting the ISMS. These activities are governed by the implemented controls in accordance with the organizational Statement of Applicability. 

“Our customers are some of the most recognizable enterprises in the world, and they rightfully demand the highest level of security. We hold ourselves to high standards because we know how important it is to our global enterprise customers. The ISO certification makes us a true partner in security and makes it easier to do business together — from procurement to contracting, legal to auditing,” said James Sipe, VP Compliance and IT Security at SparkPost. “The scope and depth of our security controls exceed what the industry has previously offered. With this latest ISO certification, we’re proud to show our customers and the overall email industry just how important security is to us. It’s in our DNA.”

SparkPost products, services and people have long been held to the highest security and compliance standards. In addition to ISO certification, SparkPost goes above and beyond to ensure they can deliver to the enterprise, including:

  • Routinely achieving a SOC 2 Type II attestation, a well recognized US standard for security 
  • Employing certified security and compliance professionals (CISA, CISSP) with deep industry expertise. The team supports customers in highly regulated industries, and ensures that SparkPost can deliver according to their compliance needs
  • Supporting privacy compliance required by GDPR, CCPA, and other data protection laws, including the ability to host accounts in the EU
  • Committing to a top-notch enterprise experience through services backed by industry-leading SLAs, taking another level of risk out of the equation for enterprise buyers