linkedin-logo-full linkedin-logo-icon logo-404-front logo-404-back
LinkedIn Security
  • Trust & Compliance
  • Vulnerability Disclosure
  • Safety Center
  • Security Practices
  • Privacy Policy

Trust and Compliance

LinkedIn maintains an Information Security Program to ensure the confidentiality, integrity, and availability of all computer and data communication systems while meeting the necessary legislative, industry, and contractual requirements. 

LinkedIn policies, procedures, and standards are based on the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001. In addition, we use an independent third-party body to audit our compliance with leading industry standards periodically. 

The following is a comprehensive list of industry standard certifications to validate our commitment to members first.  

ISO 27001

The International Organization for Standardization 27001 Standard (ISO 27001) is an Information Security Management System (ISMS) standard that is globally recognized. This standard leverages best practices and comprehensive security controls from ISO 27002. It includes people, processes and IT systems by applying risk management process. LinkedIn’s ISO certification covers products and services on the LinkedIn platform and is available to view here.

ISO 27018

The International Organization for Standardization 27018 Standard (ISO 27018) covers privacy protections for the processing of personal information by cloud service providers.  LinkedIn’s ISO certification covers products and services on the LinkedIn platform and is available to view here.

SOC 2

Service Organization Control (SOC) report is based on American Institute of Certified Public Accountants (AICPA) trust service principles and criteria. The report provides detail on the effectiveness of a service organization’s controls focusing on the trust principles and criteria containing customer data. LinkedIn undergoes independent third-party assessment on relevant products and services. The LinkedIn SOC 2 report covers LinkedIn Recruiter, Sales Navigator, and LinkedIn Learning Solutions.

To request the SOC 2 report please reach out to your account management team.

PCI DSS

The Payment Card Industry Data Security Standards (PCI DSS) is a proprietary information security standard designed to ensure that companies processing, storing or transmitting payment card information maintain a secure environment. The PCI DSS applies to credit cards from the major card brands, including Visa, MasterCard, American Express, Discover, and JCB. A third-party PCI Qualified Security Assessor (QSA) assesses company systems and processes on an annual basis and issues an Attestation of Compliance (AOC).

Privacy Shield

For certain Services, for which we act as a data processor, LinkedIn has certified under the EU-U.S. Privacy Shield framework. For additional information about the multiple legal mechanisms (including EU Standard Contractual Clauses) which LinkedIn has in place to help customers validate transfers of personal data from the European Economic Area to LinkedIn's services, please see this FAQ well as our Data Processing Agreement. 

The EU-U.S. Privacy Shield Framework was designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce.

  • About
  • Cookie Policy
  • Privacy Policy
  • User Agreement
LinkedIn logo © LinkedIn Corporation 2018