One of our highest priorities is ensuring the confidentiality and integrity of our customers’ information. As we work to bring Yammer security and compliance practices in alignment with those of Office 365, we are committed to a clear security and compliance roadmap that includes a Data Processing Agreement (DPA), ISO 27001, Section 508, Health Insurance Portability and Accountability Act (HIPAA) and European Union Model Clauses.
Today, we are proud to announce two exciting updates to our Yammer security and compliance roadmap:
1. ISO 27001 certification – Yammer has received ISO/IEC 27001:2005 certification. ISO 27001 is the best-known international information security standard, and certification provides independent assurance that Yammer’s staff can effectively operate a comprehensive security program and manage information security risks effectively. The audit process involves detailed interviews and examination of topics such as physical security, access control, risk management, business continuity, and security best practices during software development. The thorough audit concluded that Yammer’s Information Security Management System (ISMS) meets the rigorous physical, logical, process, and management controls required to achieve compliance with the standard. Yammer’s certificate is issued by the British Standards Institution (BSI), the national standards body of the UK, and one of the premier accreditation firms in the world.
2. The Yammer DPA – The Yammer DPA is now available on request through your Microsoft account team. The DPA addresses the privacy, security and handling of customer data. Our standard data processing agreement enables customers to comply with local regulations.
The Yammer ISO 27001 certification and the Yammer DPA are just the first milestones in our Yammer security and compliance journey, and a key step in our goal to making enterprise social a core component throughout Office 365.
To learn more about Yammer’s security features, please visit Yammer Safety, Security & Privacy.
For more information about Office 365 Security and Compliance, please visit the Office 365 Trust Center.