Your security comes first.

We take security seriously.

That’s why we adhere to a strict set of policies designed to protect your data and keep our infrastructure and environment secure. Our security program includes:



Physical security

Protection of devices, hardware, software, personnel



Application security

Ensure applications are developed and operated securely



Infrastructure security

Ensure operations at all technology levels are secured



Company-wide training

Security awareness through mandatory training for all employees

SPS Commerce meets all requirements for the following security certifications:

ISO 27001 compliance

SPS has completed audit and been certified as ISO 27001 compliant. The ISO 27001 certification outlines industry best practices for managing security risks.

<img loading="lazy" src="https://www.spscommerce.com/wp-content/uploads/2018/03/ISO-27001-Certified-Logo5b15d.png" alt="" title="" height="auto" width="auto" srcset="https://www.spscommerce.com/wp-content/uploads/2018/03/ISO-27001-Certified-Logo5b15d.png 637w, https://www.spscommerce.com/wp-content/uploads/2018/03/ISO-27001-Certified-Logo5b15d-300x268.png 300w, https://www.spscommerce.com/wp-content/uploads/2018/03/ISO-27001-Certified-Logo5b15d-200x178.png 200w" sizes="(max-width: 637px) 100vw, 637px" class="wp-image-65613" />

SOC compliance

SPS meets all standards for Type 2 SOC 2 compliance. This certification ensures service providers securely manage your data to protect the interests and privacy of your organization.

<img loading="lazy" src="https://www.spscommerce.com/wp-content/uploads/2017/12/socforserviceorganizationslogosos.jpg" alt="" title="" height="auto" width="auto" srcset="https://www.spscommerce.com/wp-content/uploads/2017/12/socforserviceorganizationslogosos.jpg 224w, https://www.spscommerce.com/wp-content/uploads/2017/12/socforserviceorganizationslogosos-150x150.jpg 150w, https://www.spscommerce.com/wp-content/uploads/2017/12/socforserviceorganizationslogosos-200x200.jpg 200w" sizes="(max-width: 224px) 100vw, 224px" class="wp-image-61861" />

HIPAA attestation

SPS meets the standards related to protecting sensitive health information, as defined by the Health Insurance Portability and Accountability Act and confirmed through an external party attestation.

<img loading="lazy" src="https://www.spscommerce.com/wp-content/uploads/2017/12/HIPAA.png" alt="" title="" height="auto" width="auto" srcset="https://www.spscommerce.com/wp-content/uploads/2017/12/HIPAA.png 384w, https://www.spscommerce.com/wp-content/uploads/2017/12/HIPAA-300x167.png 300w, https://www.spscommerce.com/wp-content/uploads/2017/12/HIPAA-200x111.png 200w" sizes="(max-width: 384px) 100vw, 384px" class="wp-image-61862" />