Helpshift Receives Multiple ISO Certifications; Affirms Commitment to Highest Security Standards

What Do These ISO Certifications Mean For Customers?

Helpshift has always focused on the security and data privacy aspects of our internal and external operations, technology platform and services—both on-premises and in the cloud. We recognize that security is vital when it pertains to customer service, as there is a need to protect a brand’s information and the information of its customers.

These ISO certifications awarded to Helpshift affirm our existing security practices and further increase customer confidence in working with us to deliver outstanding customer service in a way that bolsters security and privacy.

For years, Helpshift has implemented, modernized and followed the most stringent security practices. In fact, these ISO27001, ISO27017 and ISO27018 certifications validate our longstanding security and privacy measures, which include the following:

  • Compliance with GDPR and COPPA
  • Strong cloud security via use of Amazon Web Services (compliant with PCI DSS, SOC 1/2/3, HIPPA, ITAR, EU-US, and NIST)
  • Security of data in transit via TLS encryption
  • Regular vulnerability testing by third-party experts
  • Robust internal security policies and processes
  • Automated redaction and integration options that support our clients’ PCI compliance needs

For our customers, this set of ISO certifications means they have correctly put their trust in us to safeguard their valuable data and that of their customers.

The Scope of ISO Standards 27001, 27017 and 27018

ISO 27001 certification affirms that an organization has performed a comprehensive assessment of security risks and has created an Information Security Management System (ISMS) that complies with the requirements established in the global information security management standard of the International Organization for Standardization (ISO). An ISMS is a framework and related set of policies and procedures focused on managing organizational risk, confidential information and overall approach to security.

The ISO 27001 standard is complex and consists of criteria related to multiple aspects of operations, all of which must be met to gain certification. These include access control, asset management, communications security, compliance/conformity, cryptography, development and maintenance, human resources security, information security aspects of operational continuity management, information security incident management, organization of information security, operational security, physical and environmental security, system acquisition and supplier relationships.

ISO 27017 and ISO 27018 certifications extend the guidance on information security and personally identifiable information (PII) protection as they relate to operating in a cloud environment. Certification for these two standards affirms that an organization is in compliance with standards for protecting corporate data, personal information, intellectual property, documentation, and IT systems security in the cloud. These additional ISO certifications demonstrate that Helpshift has met the high standards for confidentiality, integrity and availability of our customer service offerings and operations.

When Did Helpshift Receive All of These ISO Certifications?

In Q4 2018, a third party auditor conducted a thorough assessment of Helpshift’s operations to assess Helpshift’s compliance with ISO 27001, ISO 2017, and ISO 2018. The auditor confirmed that we consistently do the following:

  • Follow the Helpshift security policies, objects and procedures
  • Maintain our ISMS to conform with all requirements of the ISO 27001, ISO 2017 and ISO 2018 standards
  • Ensure our ISMS achieves all of the policy objectives established by Helpshift in connection with information security management

Helpshift successfully demonstrated the highest levels of cloud-based information security and PII protection, leading to our ISO 27001, ISO 27017 and ISO 27018 award certifications in April 2019.

“Having certified validation of our security stance and privacy measures by third-party experts underscores the value Helpshift has always placed on being a trusted customer service partner,” said Erik Ashby, Helpshift VP of Product. “The additional certifications for our cloud-based operations lets customers know that we comply to an internationally-accepted information security framework under all circumstances.”

About Helpshift

Helpshift’s next-generation digital customer service software enables B2C brands to scale their support while offering differentiated experiences through web, in-app, email and messenger app channels. Helpshift’s innovative asynchronous messaging model across these channels gives people back their time, keeps conversations in context and allows humans and automations to work together to solve problems faster. The Helpshift platform embeds knowledge and AI to let customer service organizations best utilize a mix of automated service, self-service and human-assisted service. Serving over 450 businesses worldwide, including Xfinity Home, Microsoft, Tencent and Supercell, Helpshift is headquartered in San Francisco, with offices around the globe. To learn more about Helpshift, visit and follow @helpshift on Twitter.

To learn more about the ways we earn our customers’ trust each day, visit our ‘Product Trust’ page at