As a data integrations company, we understand the importance of keeping your company’s data secure. Punchout Connect’s information security program is based on industry standards and adheres to a strict set of policies designed to protect your data and keep our infrastructure and environment secure. Rest assured as a Punchout Connect customer, you are protected by our highest level of security measures and accredited procedures.

Punchout Connect’ is certified by DQS Inc. for ISO/IEC 27001 compliance. The ISO/IEC 27001 is one of the most widely acknowledged information security standards worldwide, outlining best practices to the confidentiality, integration and availability of information in a company. ISO/IEC 27001 outlines and provides requirements for an information security management system (ISMS), specifies a set of best industry practices, and details the security controls that help manage information risks. As an ISO 27001 certified company, Punchout Connect provides an information security management framework for assessing information risk management processes, including our ability to establish, implement, operate and monitor secure information in the context of B2B integration services. It covers both corporate processes and the technology infrastructure we use to provide cloud and managed integration solutions.

View ISO 27001 certificate

Security Insights

Punchout Connect’s technology has state-of-the-art security features to help you meet your organization’s compliance standards. 

Data Security

Punchout Connect encrypts customer data in transit and at rest. Customer data is also segregated and access is restricted.

Application security

Punchout Connect aligns with industry recognized standards and best practices to ensure security of application and software development practices. 

Secure access control

Strong security controls and granular role-based access are applied to safeguard user access and data policy.

State-of-the-art hosting

Punchout Connect is hosted on Amazon Web Services, one of the best Cloud hosting providers offering high security, high availability and high performance.

Security testing

Frequent testing from trusted independent third parties prevents security incidents, such as data breaches.

Single-Sign-On (SSO)

Punchout Connect is compatible with SAMLv2 to enable smooth and secure login to all applications 

Information security governance

Punchout Connect’s Information Security Policy minimizes risks and is overseen by our Vice President of Operations & Security

Detection, response, and recovery

Advanced threat detection systems are in place with an Incident Management Policy to ensure business continuity. 


Punchout Connect’s solutions prioritize privacy and ensure sensitive data is collected, transmitted,  processed, and stored in accordance with strict privacy standards. 

As an integration and automation provider, we process sensitive business and customer information. We want our users to have complete confidence their data is safe and used only in the ways they expect. 

That’s why Punchout Connect software and systems are engineered with a privacy-first approach that complies with the EU General Data Protection Regulation and the EU-U.S. Privacy Shield Framework. 

We implement a wide variety of technical and organizational processes and controls to ensure that personal data can only be accessed by authorized parties, whether that’s our users or their customers. Learn more about Punchout Connect’s  privacy policies.

Contact us to learn more about Punchout Connect’s commitment to security and privacy.