The Road to Compliance: Why, How, and What’s Ahead
Over the past few months, we have proudly added a few certificates to the long list that makes up our regulatory compliance program. We work hard to make sure security and data privacy are a core part of our product development; that they are at the heart of everything we do, without hindering innovation and advancement. When this is recognized externally by the most stringent third party regulatory organizations, we get the assurance we need that we’re doing things right.
Why we’re doing it
Security and privacy are often clustered together into one category, but in reality, they hold very different challenges. Security, as an overarching term, covers everything from robust privacy controls, people security, data center security, cloud monitoring, and much more (read about our security policies and practices here).
Tackling the security challenges involved in a 600-person company with a data-driven product is no small feat; we have an entire dedicated team hired to do just that.
Privacy protection and data integrity protection is where security and privacy converge. Privacy presents its own unique set of challenges, as the world grows more connected and personalized. We don’t take lightly the significant responsibility of being a data processor; my personal belief is that privacy is a basic human right, and I approach privacy with this in mind. Increasingly stringent global and regional privacy regulations are, unsurprisingly, well-aligned with AppsFlyer’s ingrained approach to privacy.
External validation and certification helps us maintain transparency with our customers, making sure that our efforts are visible and that customers can feel confident in our product and company. Being recognized for the significant resources we invest in our security and privacy program helps us ensure that we are on track. For these reasons, we have invested in AppsFlyer’s compliance program, becoming the most comprehensively compliant company in the industry for security and privacy.
How we’re achieving it
The road to compliance starts at the foundation. We needed to make sure our efforts reflected the company’s solid infrastructure before we were ready to open up our program for external examination. The infrastructure was set in place long before we applied for compliance audits, but continues to grow and evolve along with the company.
Our efforts have been recognized and approved by multiple international organizations, and our compliance program has become the most extensive and comprehensive in the industry. While we’re proud of this, it doesn’t allow us to rest on our laurels; we remain vigilant in our goal to continuously grow the program and tackle new processes head-on. For example, in a few weeks we will be obtaining new certification – ISO 27032, on top of the extensive list of ISO certifications we already have.
Our compliance program
Our compliance certification spans a variety of regional and global programs:
We continue to expand our reach for security and privacy certificates that are globally recognized by the industry. As the company and product evolve, our goals are to:
- Maintain the current program, which includes successfully meeting the requirements of yearly audits for each certification
- Expanding to additional areas of certification and obtaining more regional-specific certification
- Growing the compliance team
As the attribution industry leader, we strive to create a standard that all other providers will align to; to become the guiding star in the security and privacy perspective.
We proudly serve over 12,000 enterprise customers worldwide across verticals. Our customers have varying needs; some need to transfer data across borders or are looking to expand to new regions. Our top-notch certifications and compliance program helps our customers grow with confidence, knowing that no matter the scenario – we’ve got them covered.