Request a Demo

Safe and Sound: Medallia Is First CEM Company to Secure Highest Security Standards


As the writer and futurist Alvin Toffler once said, “Our technological powers increase, but the side effects and potential hazards also escalate.” Today, we are graced with digital enhancements that make our lives easier: ride-sharing apps, food delivery services, and voice-controlled AI at our fingertips. But just as technology is ever changing, so are the risks that come with it.
Our job as the Trust and Assurance team at Medallia is to constantly ask, “How do we ensure the highest level of trust with our customers?” Now more than ever, companies have high expectations when it comes to data security. Our job is to both stop threats as they emerge and to provide the greatest degree of security possible. While we are incredibly proud of our work to date, we refuse to settle when it comes to security.
Today, I’m thrilled to share that Medallia has taken a huge step in our journey to securely serve our customers by achieving ISO 27001 certification and compliance to SSAE16 (SOC2 Type II), ISAE 3000 and HIPAA standards. Over the past year, a well-respected, independent third party audit firm has been reviewing and testing our program, and last week they certified that our work meets these standards. These certifications serve as a universal language for our global customer base and demonstrate our commitment to keeping all data safe and secure.
And, we are leading the way: we are the first enterprise SaaS company in CEM to achieve this security level, not just in our data centers but also across our software platform.
Building a best-in-class security program has always been embedded in our DNA at Medallia. Having a reputable third party regularly test and certify our security program affirms that we’re not just talking about security as a priority, but putting it into practice. And while these accomplishments are a huge step forward, our work is never done. As data requirements evolve and we continue to grow our presence in new industries and regions, we are committed to maintaining the highest security standards in the industry.
To learn more about our ISO 27001 certification and the work of our Trust and Assurance team, visit Medallia’s Trust page, or reach out to your Medallia account representative. Lastly, stay tuned for more exciting updates—this is just the beginning of our journey.