Portland, Oregon– 6/7/19 – PortlandLabs, founders of concrete5 and Liberta Server, announced today that it has received ISO 27001:2013 certification for its Information Security Management System (ISMS).

ISO 27001:2013 is an information security standard published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards,  and the International Electrotechnical Commission (IEC). PortlandLabs’ certification was issued by A-lign, an independent and accredited certification body based in the United States on successful completion of a formal audit process. This certification is evidence that PortlandLabs has met rigorous international standards in ensuring the confidentiality, integrity, and availability of client data entrusted to PortlandLabs, concrete5, Liberta Server, and all other products and services produced, provided and supported by PortlandLabs.

PortlandLabs released concrete5, a PHP and MySQL based content management system (CMS), under the MIT license in 2008.  It delivers an intuitive, word-processor-like, user experience making maintaining websites easy. PortlandLabs developed Liberta Server to manage the deployment, operations and hosting of a complex web and mobile presence.   Liberta Server is a SaaS digital experience management platform (DXP). It integrates a variety of distinct service modules including hosting, web content management, domain & SSL management, mobile app management digital asset management, online communications, analytics reporting, ad management, secure authentication and authorization, as well as marketing automation.

PortlandLabs takes threats to the availability, integrity, and confidentiality of our clients' information seriously.  As such,PortlandLabs is an ISO/IEC 27001:2013 certified provider whose Information Security Management System (ISMS) has received third-party accreditation from the International Standards Organization. ISO/IEC 27001:2013 is an information security management system standard published in October 2013 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

“This is a great accomplishment for our team” says PortlandLabs CEO Franz Maruna. “Decades of learning from a wide array of clients and their web DevOps processes have informed our own best practices. When it comes to keeping a complicated digital presence safe and nimble, we’ve seen it all. It’s great to have this first independent certification.”

A-lign, an independent, third-party auditor, found PortlandLabs to have technical controls in place and formalized security policies and procedures. A-lign is an ISO / IEC 27001 certification body accredited by the ANSI-ASQ National Accreditation Board (ANAB) to perform ISMS 27001 certifications.  PortlandLabs has implemented security measures and countermeasures that protect PortlandLabs and their hosted clients from unauthorized access or compromise. PortlandLabs personnel in all departments were found to be conscientious and knowledgeable in best practices.

Compliance with this internationally recognized standard confirms that PortlandLabs’s security management program is comprehensive and follows leading practices. The scope of our ISO/IEC 27001:2013 certification includes:

  • All PortlandLabs products including concrete5 from version 8.5.1 and Liberta Server

  • All PortlandLabs services

  • All PortlandLabs departments

  • All individuals performing work for PortlandLabs (employees, temporary employees, contractors, consultants) whether working from a remote location or from PortlandLabs’ facilities.

This certification demonstrates PortlandLabs’ continued commitment to information security at every level and ensures that the security of our client’s data and information has been addressed, implemented, and properly controlled in all areas of our organization.