Cloud Computing Security

Protecting your data is our top priority. We invest heavily in the security and resiliency of every component within the Rescale ecosystem – our data centers, our software platform, and day-to-day operations as a business. As a result, Rescale complies with the strictest industry standards for security and data protection across every step of the user experience.

Industry-Leading Compliance Standards

End-to-End Security

Initial Entry

Secure access and login for all users


Password complexity and identity verification

SSL Encryption

Client-side 256-bit AES SSL encryption

Data Protection

Data encrypted in transit and at rest, and backed up regularly

Cluster Privacy

Run isolated cluster protected by firewalls

Security Leadership in Cloud Simulation

Account Settings and Administrative Controls

IT administrators can establish controls on account settings for Rescale users. In addition, administrators can configure permissions and privileges at the organizational, departmental, or even at the individual user level.

  • Configure policies for password strengths and resets, failed logins, session duration, and activity requirements
  • Manage permissions for access, editing, upload, download, archival, and sharing
  • Set expiration dates for jobs, scripts, and individuals

Industry-Leading Data Encryption

Proprietary methods to ensure that data stays encrypted at every step of the process, during transit, and at rest.

  • Encryption in transit with high-grade SSL and at rest with 256-bit AES
  • Simulations always run in private, closed clusters with kernel-encrypted hard drives
  • Encryption keys are securely stored in separate locations

Data Center Security and Availability

Rescale uses multiple data centers to host its applications and data, providing essential redundancy. All Rescale data centers employ physical security, strict access policies, and secure vaults and cages.

  • Rescale’s data centers include biomentric entry authentication and 24/7 armed guards
  • All components of essential system have N+1 or greater redundancy
  • Uninterruptible power and backup systems, plus fire and flood prevention at storage sites

External Certifications and Compliance Efforts

Rescale takes every measure necessary to ensure customer privacy and data confidentiality. This includes working with external auditors and government agencies to ensure the utmost compliance at all times.

  • Rescale has been issued an SOC 2 (formerly SSAE 16) Type II report, reflecting our commitment to maintaining our leadership in cloud simulation security
  • CSA Cloud Security Alliance- Registered
  • Rescale is ITAR compliant and registered with the U.S. Directorate of Defense Trade Controls (DDTC)
  • Successfully completed security and IT audits with several existing customers

Minimum Rescale Compliance Standards

Service Organization Controls (SOC) 2, Type 2 Attested

The SOC 2 report is an attestation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Rescale. This report provides additional transparency into Rescale’s security based on industry standards and further demonstrates our commitment to protecting customer data.

International Traffic in Arms Regulations (ITAR) Compliant

Rescale supports US International Traffic in Arms Regulations (ITAR) compliance. Companies subject to ITAR export regulations, such as many of Rescale’s customers in the aerospace industry, must control unintended exports by restricting access to protected data to US Persons and restricting physical location of that data to the US. Rescale works with partners to provide an end-to-end environment physically located in the US and where access is limited to US Persons, thereby allowing qualified companies to transmit, process, and store protected articles and data subject to ITAR restrictions.

Cloud Security Alliance (CSA) Registered

In 2011, the Cloud Security Alliance (CSA) launched STAR, an initiative to encourage transparency of security practices within cloud providers. The CSA Security, Trust & Assurance Registry (STAR) is a publicly available registry that has information about the control programs of a number of cloud-based organizations. This free registry allows consumers to assess the security of cloud providers they are considering contracting with. In order to provide our customers with as much information about security as possible, Rescale has filled out the CSA Consensus Assessments Initiative Questionnaire (CAIQ).


The Health Insurance Portability and Accountability Act (HIPAA) of 1996 ensures the security and privacy of Protected Health Information (PHI), especially important for health and biomedical projects. Rescale has achieved HIPAA certification from 2017 onwards. Contact us for specific regional coverage and more information.

Contact Us For More Information on Security Measures

To report any unethical behaviors please fill out a form here

To report a vulnerability or security event please fill out a form here