ISO Certifications help keep your business secure

Rest assured that Dropbox world-class technologies and processes have been independently verified and certified for security, privacy/data protection and business continuity.

An example data dashboard

What is ISO?

The International Organization for Standardization (ISO) is an independent, global organisation of 160+ national standards bodies that measure levels of excellence for products, services, systems and procedures.

Dropbox has certified its data centres, systems, applications, people and processes through a series of audits by an independent third party, Netherlands-based EY CertifyPoint.

Due diligence for security, privacy and business continuity

It’s vital to assess your current infrastructure controls against objective security, privacy/data protection and business continuity standards. You may need to adopt new solutions according to best practices and ISO standards.

Collaborators working on laptops

ISO 27001 (Information Security Management)

ISO 27001 is recognised globally as the premier information security management system (ISMS) standard. The standard also leverages the security best practices detailed in ISO 27002.

Dropbox continually and comprehensively manages and improves all physical, technical and legal controls, is audited EY CertifyPoint and maintains its ISO 27001 accreditation from the Raad voor Accreditatie (Dutch Accreditation Council).

View the Dropbox Business and Dropbox Education ISO 27001 certificate.

ISO 27017 (Cloud Security)

ISO 27017 is an international standard for cloud security that provides guidelines for security controls for cloud services. Our Shared Responsibility Guide explains several of the security, privacy and compliance requirements that Dropbox and its customers can solve together.

View the Dropbox Business and Dropbox Education ISO 27017 certificate.

ISO 27018 (Cloud Privacy and Data Protection)

ISO 27018 is an international standard for privacy and data protection that applies to cloud service providers like Dropbox, who process personal information on behalf of their customers.

View the Dropbox Business and Dropbox Education ISO 27018 certificate.

ISO 22301 (Business Continuity Management)

ISO 22301 is an international standard for business continuity to help organisations decrease the impact of disruptive events by responding to them appropriately. 
The Dropbox Business continuity management system (BCMS) is part of our overall risk management strategy to protect people and operations during times of crisis.

View the Dropbox Business and Dropbox Education ISO 22301 certificate.

Why ISO certification is critical for business continuity

For successful business continuity, it’s important that you have advanced planning measures in place in the event of an emergency, such as a natural disaster, business crisis, pandemic, workplace violence or any potential event that could create unexpected upheaval.

Having an ISO certification helps your business be well prepared so that the security, privacy and data protection of your business are maintained – no matter what happens.