Janrain®, the company that pioneered the Customer Identity and Access Management (CIAM) category and market leader in Privacy by Design, today announced that it has obtained two of the industry’s most comprehensive third-party security certifications, and the only ones designed specifically for the cloud: 1) Cloud Security Alliance Level 2 (CSA) STAR Certification, which verifies that Janrain follows industry-best practices for securing cloud offerings, and 2) the International Organization for Standardization’s (ISO) 27018:2014 Certification for handling personally identifiable information (PII) data in the cloud. These certifications apply to all services and product offerings associated with Janrain’s Identity Cloud product, which provides customers seamless and secure way to move between web, mobile and IoT-device properties.
Janrain becomes the first CIAM provider to achieve CSA Star Certification, the highest level achievable in CSA’s program. Until now, no CIAM provider had exceeded CSA’s Level 1 self-assessment, which is simply a questionnaire uploaded by the vendor to the CSA site. By contrast, CSA Level 2 certification entails an in-depth audit by an accredited, independent third party to verify that the company adheres to the highest cloud security standards throughout its operations. ISO 27018 certification confirms that Janrain applies industry best practices when handling PII, which is only going to increase in importance once the EU’s General Data Protection Regulation’s (GDPR) stringent PII-protection decrees go into law May 2018.
“Meeting CSA’s and ISO’s most exacting security protocols doesn’t just benefit Janrain, it ensures our clients that their customers’ most critical data—upon which their respective businesses are built—is secure with Janrain,” said Jim Kaskade, CEO of Janrain. “The monetary and manpower expense of meeting these standards is a drop in the bucket compared to the peace of mind our customers get knowing that the 1.5 billion–plus digital identities under Janrain’s management are safe.”
More than 3,400 Global 1,000 and midsize organizations use Janrain’s cloud-based product suite—which includes social login, registration and profile-data storage, among other offerings—to give their customers a seamless, highly personalized experience across, web, mobile and digital properties. The number of digital customer accounts under Janrain’s management is expected to grow further—the Identity and Access Management market will reach $14.82 billion by 2021, according to research firm MarketsandMarkets. Janrain was first to market in 2002 and has pioneered almost every major CIAM product development since. By obtaining CSA STAR Level 2 Certification by Attestation and ISO 27018 certification, Janrain once again raises the bar in the CIAM industry, while saving CIAM customers the time, money and hassle of performing their own vendor security audits in evaluating choices.
CSA STAR’s security-assurance program is built on principles of transparency, rigorous auditing and harmonization of standards in order to promote best practices and validation of security posture of cloud offerings. By following the ISO 27018 controls, organizations that handle PII can assure their customers and end users that they are using industry-best practices to protect this sensitive data.
Janrain aims to keep its security measures as ironclad as possible. In order to make this transparent and attestable for clients, Janrain maintains more security assurance programs than any other CIAM vendor. In addition to the new CSA STAR Level 2 and ISO 27018 certifications, Janrain also maintains and is audited or assessed for certification/compliance with ISO 27001:2013, SOC 2 Type II (in addition to the Security Common Criteria, Janrain is compliant for the Availability and Confidentiality Trust SOC 2 Trust Principles), HIPAA (storage of healthcare data), HITECH (transmission of healthcare data), US-EU Privacy Shield Framework and the TRUSTe privacy program. Janrain is Open ID connect (OIDC)–certified, GDPR-ready and compliant with many other security/privacy regulations, such as COPPA, PIPEDA, CFR (Code of Federal Regulations Title 21, Part 11).
Founded in 2002, Janrain pioneered Customer Identity and Access Management (CIAM) and is widely recognized by industry analysts as a global CIAM leader. The Janrain Identity Cloud® provides identity management, security and activation solutions that enable seamless and safe customer experiences across their digitally connected world, while providing enterprise organizations with deep customer insights. Janrain’s identity capabilities include social and traditional login and registration, single sign-on, customer profile data storage and management, customer segments, customer insights and engagement solutions. The company powers brands like Pfizer, Samsung, Whole Foods, Fox News, Philips, McDonald’s and Dr Pepper. Janrain is based in Portland, Oregon, with offices in London, Paris and Silicon Valley. For more information, please visit www.janrain.com and follow @janrain.