SugarCRM Achieves ISO 27001 Certification, Validating Commitment to Information Security and Trusted Data Management

The Achievement Follows Sugar’s Having Held SOC 2 Type II Attestation for Over Five Years and Cloud Security Alliance STAR Registry Listing  

SAN FRANCISCO – April 9, 2024 – SugarCRM, provider of the award-winning AI-driven sales automation platform, today announced it has achieved ISO 27001 certification, a globally recognized standard for information security management.  

The certification provides evidence of Sugar’s unwavering commitment and continued dedication to information security and data management. Obtaining ISO 27001 certification involved a rigorous audit of the company’s security practices and controls in alignment with industry-leading standards and best practices. 

ISO 27001 certification builds on the company’s having held a SOC 2 Type II attestation for over five years. Sugar is also proudly listed on the Cloud Security Alliance STAR (Security Trust Assurance and Risk) registry, further underscoring its commitment to managing information security according to international best practices. 

“Information security is a top priority for businesses today. This ISO 27001 certification demonstrates our ongoing commitment to data protection, risk management, cyber-resilience and operational excellence. We want to give Sugar customers the peace-of-mind that our security program has been independently verified and meets industry standards,” said Craig Barber, SugarCRM’s Chief Information Security Officer. 

Sugar was certified by the British Standards Institution (BSI), a leading ISO auditing firm that has certified some of the world’s most prominent software vendors, including Microsoft and Google.  

“The global digital landscape is changing, with core business practices now increasingly digitally reliant and incorporating AI-driven solutions. BSI is proud to be a trusted partner as organizations respond to this,” said David Mudd, Global Head for Digital Trust Assurance at BSI.

“Certification to the information security standard ISO 27001 shows that Sugar has taken necessary steps to protect itself against cyber threats and ensure its information security is in line with global best practice, particularly noteworthy for industries such as manufacturing, which are heavily regulated, requiring compliance with various regulations, with certification against ISO standards as a trusted, robust path to compliance,” he said. “This focus on achieving digital trust is crucial in a world of technological transformation. BSI congratulates Sugar on this achievement.” 

Sugar is an industrial-grade CRM that automates anything, accelerates everything, and anticipates what’s next. The flexible and powerful platform does the work to power modern marketing, sales, and service for organizations worldwide.  

About SugarCRM
SugarCRM is a CRM software that helps marketing, sales, and service teams reach peak efficiency through better automation, data, and intelligence so they can achieve a real-time, reliable view of each customer. Sugar’s platform provides leading technology in the sales automation, marketing automation, and customer service fields with one goal in mind: to make the hard things easier. 

Thousands of companies in over 120 countries rely on Sugar by letting the platform do the work. Headquartered in the San Francisco Bay Area, Sugar is backed by Accel-KKR. 

For more information about SugarCRM, visit: 

Media Contacts:
Erin Lutz
Lutz Public Relations and Marketing (for SugarCRM)

Sarita Kincaid
Vice President, Corporate Communications, SugarCRM