Resources Blogs Strengthening Trust Through Global Security Certifications

Strengthening Trust Through Global Security Certifications

author
calendar10/29/2025
clock 3 min read
feature image

book open Table of Contents

At AvePoint, security, privacy, and compliance are integral to how we build trust with our customers and partners. With data security, protection, and governance at the core of who we are and what we do, we recognize that third-party certifications play a vital role in validating that commitment. Certifications provide independent assurance that our practices meet or exceed rigorous global standards, giving our customers the confidence that their sensitive data is safe in our hands. 

Breaking New Ground in Japan with ISMAP

This year, we are proud to share that AvePoint is now one of fewer than 100 organizations worldwide to achieve Information System Security Management and Assessment Program (ISMAP) certification in Japan. Joining the ranks of Microsoft, Google, and Nokia, we became the 99th company to be validated under this demanding program.

Why does this matter? ISMAP is one of the most comprehensive government security standards in the world, with 1,157 individual controls. Meeting this threshold is no small feat; it demonstrates not only our ability to serve Japanese government agencies, but also underscores our global credibility. ISMAP recognition sends a clear signal: AvePoint can meet the most rigorous security requirements, anywhere in the world.  

Renewing and Expanding Our Global Certifications

ISMAP is just the latest addition to AvePoint’s growing portfolio of certifications. As part of our 2025 recertification cycle, we renewed several key designations: 

  • ISO Certifications, including ISO 27001:2022, ISO 27017:2015, and ISO 27701:2019. These globally recognized standards validate our strong information security management, cloud security, and privacy practices. Notably, our auditors found zero non-conformities, reflecting our rigorous approach.
  • IRAP, ensuring compliance with the Australian government’s Information Security Registered Assessors Program. 

Beyond these, AvePoint continues to maintain: 

  • SOC 2 Type II, demonstrating operational effectiveness across security, availability, and confidentiality controls.
  • CSA STAR Level 2, Cloud Security Alliance’s leading security assurance certification.
  • FedRAMP Moderate and StateRAMP, authorizations that validate our readiness to support US federal, state, and local governments.

  • HITRUST, providing assurance to healthcare organizations that we safeguard sensitive patient health data by meeting integrated HIPAA, NIST, and ISO requirements. 

More information on AvePoint’s certifications is always available at the AvePoint Trust Center

Why Certifications Matter

Certifications are more than just milestones; they are ongoing commitments. Each one requires a significant investment of time, resources, and continuous improvement. For us, they reinforce a culture of accountability and transparency. For our customers and partners, they mean peace of mind: proof that AvePoint consistently meets the highest standards of security, privacy, and compliance across industries and geographies. 

Continuing Our Commitment

Earning and maintaining these certifications is a collective effort across AvePoint teams around the world. Every audit, every standard we meet, and every new designation we achieve reflects the dedication of our people and the trust of our customers.  

As the threat landscape evolves and regulations continue to expand, AvePoint remains committed to going above and beyond to safeguard your data. Each certification we achieve is a milestone in a much larger journey: building resilient systems and processes that protect data at every turn. These achievements demonstrate not just compliance, but accountability — to our customers, to regulators, and to ourselves. That accountability is what drives us forward. 

author

Dana Simberkoff

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities. Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School. LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en Twitter: http://www.twitter.com/danalouise
compliancedata security