Security & Compliance
Cloud Computing Security
For organizations requiring the highest level of security and compliance for their HPC and AI workloads, Rescale provides a full-stack solution that delivers far beyond cloud provider responsibilities, fulfilling the shared responsibility model. Rescale’s platform enables engineers and scientists to accelerate innovation and collaboration while adhering to stringent security protocols and compliance frameworks like FedRAMP, SOC 2, and ISO 27001. With zero-trust security across people, devices, networks, and workloads, Rescale ensures that sensitive data remains protected throughout the R&D process.
Industry-Leading Compliance Standards
Business Impact
Accelerate Innovation with AI
Adhere to Strict Industry Standards
Comply with specialized industry mandates, as exemplified by Boom Supersonic’s ITAR users, who are able to comply with industry standards.
Establish Data Traceability for Industry Compliance
Maintain comprehensive and auditable records of engineering decisions, just as Kairos Power successfully captures and stores terabytes of data for traceability and governance to meet industry regulations.
Drive Consistent Governance with Policy-Based Automation
Empower engineering teams with intelligent computing solutions, as demonstrated by Eaton which governs a secure, compliant, and policy-driven environment across all global divisions.
End-to-End Security
Initial Entry
Secure access and login for all users
Authentication
Password complexity and identity verification
SSL Encryption
Client-side 256-bit AES SSL encryption
Data Protection
Data encrypted in transit and at rest, and backed up regularly
Cluster Privacy
Run isolated cluster protected by firewalls
Security Leadership in Cloud Simulation
Account Settings and Administrative Controls
IT administrators can establish controls on account settings for Rescale users. In addition, administrators can configure permissions and privileges at the organizational, departmental, or even at the individual user level.
- Configure policies for password strengths and resets, failed logins, session duration, and activity requirements
- Manage permissions for access, editing, upload, download, archival, and sharing
- Set expiration dates for jobs, scripts, and individuals
Industry-Leading Data Encryption
Proprietary methods to ensure that data stays encrypted at every step of the process, during transit, and at rest.
- Encryption in transit with high-grade SSL and at rest with 256-bit AES
- Simulations always run in private, closed clusters with kernel-encrypted hard drives
- Encryption keys are securely stored in separate locations
Data Center Security and Availability
Rescale uses multiple data centers to host its applications and data, providing essential redundancy. All Rescale data centers employ physical security, strict access policies, and secure vaults and cages.
- Rescale’s data centers include biomentric entry authentication and 24/7 armed guards
- All components of essential system have N+1 or greater redundancy
- Uninterruptible power and backup systems, plus fire and flood prevention at storage sites
External Certifications and Compliance Efforts
Rescale takes extensive measures to ensure customer privacy and data confidentiality. This includes working with external auditors and government agencies to ensure the utmost compliance at all times.
- FedRAMP Authorized Impact Level Moderate with Impact Level 5 In-Process
- SOC 2 Type II report issued, reflecting our commitment to maintaining our leadership in cloud simulation security
- ITAR registered with the U.S. Directorate of Defense Trade Controls (DDTC)
- CSA Cloud Security Alliance Registered
- Successfully completed security and IT audits with several existing customers
Minimum Rescale Compliance Standards
Service Organization Controls (SOC) 2, Type 2 Attested
The SOC 2 report is an attestation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Rescale. This report provides additional transparency into Rescale’s security based on industry standards and further demonstrates our commitment to protecting customer data.
International Traffic in Arms Regulations (ITAR) Compliant
Rescale is registered with US International Traffic in Arms Regulations (ITAR). Companies subject to ITAR export regulations, such as many of Rescale’s customers in the aerospace industry, must control unintended exports by restricting access to protected data to US Persons and restricting physical location of that data to the US. Rescale works with partners to provide an end-to-end environment physically located in the US and where access is limited to US Persons, thereby allowing qualified companies to transmit, process, and store protected articles and data subject to ITAR restrictions.
FedRAMP Authorized Moderate Impact Level
Rescale is the only full-stack digital engineering platform with FedRAMP Moderate Authority to Operate (ATO). Available for its Government platform, Rescale’s FedRAMP authorization is a crucial standard for organizations handling sensitive federal information. This authorization is suited for U.S. federal agencies, state and local governments, and contractors/private sector companies handling regulated information, allowing them to securely manage Controlled Unclassified Information (CUI). Rescale’s FedRAMP Moderate status ensures a highly secure environment for running critical computing workloads with the benefits of cloud from rapid deployment to seamless collaboration. Find Rescale in the FedRAMP Marketplace.
Department of Defense (DoD) Impact Level 5 (IL5)
Rescale holds an Authority to Test (IATT) for DOD Cloud Authorization at Impact Level 5 (IL5), to support government agencies, defense contractors, and other organizations’ handling of highly sensitive national security information. This stringent standard protects the secure processing of Controlled Unclassified Information (CUI) and National Security Systems (NSS), demonstrating Rescale’s commitment to the highest levels of data protection.