Your security comes first.

We take security seriously.

That’s why we adhere to a strict set of policies designed to protect your data and keep our infrastructure and environment secure. Our security program includes:

Physical security

Protection of devices, hardware, software, personnel

Application security

Ensure applications are developed and operated securely

Infrastructure security

Ensure operations at all technology levels are secured

Company-wide training

Security awareness through mandatory training for all employees

SPS Commerce meets all requirements for the following security certifications:


ISO 27001 compliance

SPS has completed audit and been certified as ISO 27001 compliant. The ISO 27001 certification outlines industry best practices for managing security risks.

A-LIGN ISO 27001 Logo

SOC compliance

SPS meets all standards for Type 2 SOC 1 and Type 2 SOC 2 compliance. SOC 2 compliance ensures service providers securely manage your data to protect the interests and privacy of your organization. SOC 1 compliance ensures service providers manage your financial data safely and securely.

HIPAA attestation

SPS meets the standards related to protecting sensitive health information, as defined by the Health Insurance Portability and Accountability Act and confirmed through an external party attestation.