Designed from the ground up to meet your security needs

Whether you’re in a highly regulated industry or simply looking for peace-of-mind security, Crownpeak has you covered. The Crownpeak Digital Experience platform meets the highest industry standards for security and regulatory compliance. Your organization will benefit from industry-leading security and data protection of Amazon Web Services – but we don’t stop there. You're further protected through layers of independent certifications and audits, along with the inherent security benefits of our decoupled architecture. This combination delivers the strongest security possible for your organization.

Crownpeak Demo site on different screens

Independent audits and certifications

independent audit badges
independent audit badges
independent audit badges
independent audit badges
independent audit badges
independent audit badges
independent audit badges
  • Our Commitment

    We support our deep commitment to protecting customers with an extensive program of operational controls and information security practices. Crownpeak participates in a set of industry-leading independent audits, assessments, and certifications to ensure we continually exceed customers’ security needs, including:

  • AICPA SOC 2 Type 2

    AICPA SOC 2® Type 2 is an internal controls audit and report outlining how a company safeguards its customers' data and how effective its controls are. It is often used by companies evaluating cloud service providers to assess risk. The SOC 2 report provides detailed information and assurance about the controls in place relevant to security, availability, processing integrity, confidentiality, and privacy.

  • ISAE 3000

    ISAE (International Standards on Assurance Engagement) 3000 refers to the standards used during the SOC (system and organizational controls) 2 audit and report. Using the international standards ensures the SOC report can be used by organizations globally.

  • FISMA (Moderate – NIST 800-53)

    FISMA (Federal Information Security Management Act) is an information security standard designed to protect sensitive data. In addition to being mandatory for any U.S. Federal Government workload, it is also universally adopted as the information security standard for all U.S. financial institutions.

  • EU-U.S. Privacy Shield

    In order to demonstrate an adequate level of protection for cross-border data transfers under GDPR, Crownpeak maintains EU-US & Swiss-US Privacy Shield certifications.

  • Swiss-U.S. Privacy Shield

    In order to demonstrate an adequate level of protection for cross-border data transfers under GDPR, Crownpeak maintains EU-US & Swiss-US Privacy Shield certifications.

  • TRUSTe Certified Privacy

    TRUSTe certification demonstrates responsible data collection and processing practices consistent with regulatory expectations and external standards for privacy accountability.

Data encryption in-transit and at-rest data sheet thumbnail

Data encryption in-transit and at-rest

Crownpeak customers are fully protected with encryption for both data-in-transit and data-at-rest. By leveraging industry-leading and battle-tested encryption methods, you are protected against any unauthorized person or entity attempting data theft or access. Even better, setup is entirely handled by Crownpeak without any additional learning required.
Download the Datasheet
Advanced cybersecurity and edge protection datasheet thumbnail

Advanced cybersecurity and edge protection

Crownpeak's advanced cybersecurity and edge protection service provides end-to-end protection to help mitigate DDoS attacks and defend against other vulnerability exploits. From threat intelligence to multilayer protection, we use a combination of strategies to ensure your data, customer information, and digital experiences are protected from a broad range of cyber threats and criminal activity.
Download the Datasheet