Ideals is certified against internationally recognised security and privacy standards. These certifications, together with independent security scoring and our public Trust Center, demonstrate our commitment to protecting customer data and maintaining a transparent, auditable security posture.
This article outlines the certifications we hold, how we monitor our security performance, and how customers can request additional documentation under NDA.
Our security certifications
Ideals maintains a set of globally recognised ISO/IEC certifications. Each standard is independently audited on a recurring cycle.
ISO/IEC 27001:2022 – Information Security Management
The leading international standard for information security, covering risk management, access controls, incident response, business continuity and operational security.
ISO/IEC 27701 – Privacy Information Management
An extension of ISO/IEC 27001 that governs how organisations collect, store, process and protect personal data.
ISO/IEC 27017 – Cloud Security Controls
Provides additional security guidance for cloud service providers and customers, including shared responsibility and cloud-specific controls.
GDPR and HIPAA Compliant
GDPR compliance guarantees your personal information is handled with high security and privacy, ensuring accountability and transparency.
HIPAA compliance benefits customers by strictly securing their Protected Health Information (PHI), building trust, and minimizing data breach risk. Ideals' HIPAA compliance is 3rd party verified.
Additional security frameworks
Ideals also meets several widely recognised security and resilience standards that customers frequently request during due diligence.
SOC 2 – Trust Services Criteria
Validates the effectiveness of our controls across security, availability, processing integrity, confidentiality and privacy, based on an independent audit.
SOC 3 – Public Assurance Report
A general-use summary of our SOC 2 audit, providing easy-to-share assurance of our security practices without exposing sensitive detail.
DORA – Digital Operational Resilience
Supports customers in regulated financial markets by aligning with DORA requirements for ICT risk management, operational resilience and third-party oversight.
Independent security scores
Ideals is continuously assessed by leading external security rating platforms where we outperform all close competitors to ensure you get market-leading security:
Note: these are 3rd party services and you may be required to create an account to access the full details
These platforms evaluate factors such as network security, DNS health, patching cadence, domain protection, and configuration hygiene. Scores update daily, giving customers independent visibility into our security posture.
Trust center
You can view real-time information about our security, compliance, uptime and policies at:
The Trust Center includes:
Certification status and audit cycles
Security documentation and policy summaries
Details on our security controls and approach
Penetration test attestation letter, security whitepaper
Requesting security reports under NDA
If your organisation requires deeper due diligence, we can share unredacted security documentation after an NDA is signed. This may include:
SOC2 certification reports
Penetration testing reports
Detailed policy documents
Security architecture information & network diagram
To request these documents:
Contact your account manager or success manager.
Provide your organisation’s NDA, or request an Ideals template.
Once the NDA is signed by both parties, we will provide the required reports through a secure channel.
Our commitment to security
Security at Ideals is a continuous practice. Certifications, audit cycles, security scoring and transparent reporting are built into how we operate–not added on top. Whether handling AI-supported features or core VDR functions, we design every system to meet global standards for confidentiality, integrity and availability.
If you have any questions about our certifications or security processes, contact your Ideals representative or reach out through the Support Team.