One of the first questions I get from every prospective Rescale customer is about security in the cloud, and rightfully so. Data security in the cloud is a big deal. Our customers work with highly technical, highly proprietary data. At Rescale, protecting the confidentiality and security of customer data at all times is our highest priority.
On the topic of cloud security, there is a lot of information available. Unfortunately, most of it is noise, and this makes it very difficult for someone new to the cloud to understand what matters. At Rescale, we cut through the noise and focus on what our customers need. Regardless of what they ultimately choose to do, here are some questions that every consumer of cloud-based simulation needs to ask.
1. How is my data protected – at every point of the process?
Only with Rescale does customer data stay encrypted at every step of the process. We use a variety of encryption methods, including high-grade SSL during transfer and 256-bit AES when data is at rest. In addition, all simulations on Rescale run in clusters with kernel-encrypted hard drives.
2. Can I keep / delete my data as needed, whenever I want to?
Rescale allows customers to store data in the cloud for however long they desire. At any time, customers can choose to permanently remove any or all of their data from the cloud.
3. Do you have SSAE16 / SOC 2 certification? How do you maintain compliance?
Rescale works with external auditors regularly to maintain its SOC 2 (formerly SSAE16) certification. Detailed policies and procedures ensure compliance from every employee throughout the Rescale organization. In addition, we conduct regular all-employee security awareness reviews, and ensure that every new employee is aware of our security procedures from Day 1.
4. We handle export-controlled data. Are you ITAR-compliant?
Yes. Rescale is ITAR-compliant, and we are registered with the U.S. Directorate of Defense Trade Controls. Currently, we have customers from the aerospace and defense industries where this is a critical requirement.
5. What type of administrative controls can we establish for our company’s users on your system?
At Rescale, we know that every customer has unique needs, and we strive to meet all of them. Administrators can configure permissions and privileges at the organizational, departmental, or even the user level. This includes policies for user access and activity, file transfer, file storage and deletion.
6. Can our IT department audit your security policies and procedures?
Yes. We have worked with IT departments from our current customers to ensure that we meet all of their security and compliance needs, and we welcome the opportunity to work with yours. This list is only the beginning of the security conversation. At Rescale, we work hard every day to maintain our leadership in cloud simulation security. We want to talk about security, and we want our customers to be very knowledgeable on this important topic. To learn more, visit our security page or contact us at firstname.lastname@example.org.