Proton
Subscribe by RSS

Proton receives ISO 27001 certification

Patricia Egger

Share this page

Proton prioritizes our community’s privacy and data security in every aspect of our business. 

To further demonstrate our commitment, we underwent a rigorous external audit and – on May 2, 2024 – received our ISO 27001(new window) certification.

As an organization founded by scientists who met at CERN, we see peer review and transparency as a cornerstone of our mission. That’s why we make all our apps open source, allowing anyone to examine our code.

Here’s what this latest certification means and what’s next for Proton.

How we did it 

At Proton, our philosophy is to focus first on good security and let compliance with standards and frameworks follow. 

Our philosophy was confirmed by the fact that, to comply with ISO 27001:2022, we only needed to formalize and document some of our current processes. No fundamental changes in how our business or teams operate were required.

This comprehensive audit spanned 14 days and involved over 15 dedicated teams, each thoroughly evaluating the information security management systems underlying all Proton products.  

Basically, our security management operations were double-checked and validated by independent experts.

Why we did it 

At Proton, we believe in building products our community can trust. We also believe that trust must be earned. As an organization founded and run by former scientists, we believe all claims must be not only investigated but verified, including our own

Transparency and peer review are the best ways to ensure systems function as they’re supposed to and vulnerabilities are quickly resolved. This approach only becomes more important as we grow and add new services. This certification not only proves our methodology is sound, it makes it easier for us to work with larger organizations in the future. 

We pursued this certification for the same reason we open our products to scrutiny through external penetration tests and our bug bounty program: To ensure any vulnerabilities in our service are swiftly identified and resolved so your information remains safe. 

What’s next 

Looking ahead, we plan to strengthen support for our business customers, particularly those handling sensitive data, by publishing further information and audit reports detailing our security controls. 

Thank you for being part of our mission to build a better internet where privacy is the default. Stay tuned for more updates and new features designed to keep your data safe and secure.

Protect your privacy with Proton
Create a free account

Related articles

The cover image for a Proton Pass blog announcing that single sign-on is now available, the image shows a sign in screen on top of the Proton Pass logo
Our business password manager with Single Sign-On (SSO) can help keep your company secure and save employees time.
Proton Wallet offers a safe, easy way to hold and transact with Bitcoin. Now there’s no reason to let third parties hold your BTC.
Business documents representing digital data and sensitive information to secure
Find out what digital data is, how it has become the backbone of modern businesses, and how Proton can help secure it.
Learn what you're exposing yourself to when you use temporary email services like 10-Minute Mail
Learn what you're exposing yourself to when you use temporary email services like 10-Minute Mail — and why an alias is a better way to protect your privacy.
Is deepseek safe
  • Privacy news
DeepSeek? More like DeepSneak
Not only does DeepSeek collect extensive personal information, but it cannot legally resist government demands for access to that data.
The cover image for a Proton Pass blog explaining how a family password manager can save parents time - the image shows three password fields on top of each other with a security shield shape containing two adult figures and one child figure
Tired of resetting passwords for your family? Find out how a family password manager can help you save time on password admin.