Salesforce.com claims to be the first publicly traded software-as-a-service (SaaS) vendor to receive the ISO/IEC 27001:2005 security certification.

ISO 27001 is the internationally recognised standard for information security governance, and certifies that a provider's information security management system protects its information and that of its customers.

"This certification is a major competitive differentiator for us as the only major SaaS vendor to achieve it," said Parker Harris, co-founder and executive vice president of technology at Salesforce.com.

The firm reckons that many large financial and governmental customers in Europe and Asia require IT vendors, suppliers and partners to be ISO 27001 certified as it is the only internationally accepted security standard.

The standard ensures security best practices and a managed approach to business information protection including risk, governance and compliance.

Salesforce.com's existing three data centres and major offices worldwide were certified by BSI International.

The company has also undergone SAS 70 (Statement on Auditing Standards 70) Type II examinations and SysTrust audits semi-annually since 2004.