Approved Contact, a provider of privacy-first communication and compliance solutions, has received ISO/IEC 27001 certification for its information security management system (ISMS). The international certification affirms the company’s commitment to security, consent management and data protection practices at a time when regulators and customers are raising the bar on how businesses use texting, email, voice and AI, the company said.
Approved Contact offers a privacy-first communication platform that powers compliant SMS, MMS, voice and AI-driven outreach inside tools like Microsoft Teams, Cisco Webex, Zoom, RingCentral and NetSapiens. Though texting and messaging are convenient communications tools, considerations from CISOs, compliance officers and legal teams include who controls the content employees are sending, can the business prove consent and opt-outs across channels, and how can businesses show auditors what occurred in a conversation, officials said.
Approved Contact encrypts data in transit and at rest within its platform while also capturing and archiving full conversation history for audits and investigations. In addition, it’s designed to feed message content into DLP, SIEM and eDiscovery tools for inspection and policy enforcement. The ISO 27001 certification validates these controls are part of a “managed, tested and continually improved security system,” the company said.
In addition, as AI becomes part of more customer conversations, ISO 27001 should signify to organizations that permissions, content and data flows are being handled in a controlled, documented way, officials said.
“Security isn’t a feature for us; it’s the foundation we’re built on,” said Doug Worth, co-founder of Approved Contact. “ISO 27001 is an important milestone because it shows our customers, partners and regulators that we manage consent, content and communication data with the rigor they expect.”
