Salesforce.com is First Major SaaS Vendor to Achieve ISO 27001 Certification

Internationally recognized standard for information security governance demonstrates salesforce.com's ongoing commitment to the security of its 41,000 global customers

LONDON - salesforce.com Dreamforce Europe Conference - May 7, 2008 - Salesforce.com [NYSE: CRM], the market and technology leader in Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS), today announced that it is the first publicly traded SaaS vendor to receive the prestigious ISO/IEC 27001:2005 Security Certification (ISO 27001). ISO 27001 is the internationally recognized standard for certifying that a provider's Information Security Management System (ISMS) protects its information and that of its customers.

"This certification is a massive competitive differentiator for us as the only major SaaS vendor to achieve it," said Parker Harris, EVP Technology, salesforce.com. "Our customers, particularly in Europe and Asia, have been asking for this and we're proud to provide them with this assurance that our commitment to their security is reflected in our policies and practices."

As the only internationally accepted security standard, ISO 27001 demonstrates and ensures security best practices and a managed approach to business information protection including risk, governance and compliance. Large industry, financial, and governmental customers in Europe and Asia often require their IT vendors, suppliers, and partners to be ISO 27001 certified.

Salesforce.com's ISO 27001 certification helps affirm that salesforce.com provides a consistent, reliable and secure operating environment to support its 41,000 customers and 1.1 million subscribers worldwide. Salesforce.com's existing three data centers and major offices worldwide were certified by BSI International.

In addition, salesforce.com has undergone SAS 70 (Statement on Auditing Standards No. 70) Type II examinations and SYSTRUST audits semi-annually since 2004.

About salesforce.com

Salesforce.com is the world’s largest provider of customer relationship management (CRM) software. For more information about salesforce.com (NYSE: CRM), visit: www.salesforce.com.

Any unreleased services or features referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase salesforce.com applications should make their purchase decisions based upon features that are currently available. Salesforce.com has headquarters in San Francisco, with offices in Europe and Asia, and trades on the New York Stock Exchange under the ticker symbol “CRM.” For more information please visit http://salesforce.com/uk/, or call 0800 0921223 .