Cloud Computing Security
Protecting your data is our top priority. We invest heavily in the security and resiliency of every component within the Rescale ecosystem – our data centers, our software platform, and day-to-day operations as a business. As a result, Rescale complies with the strictest industry standards for security and data protection across every step of the user experience.
Industry-Leading Compliance Standards
Secure access and login for all users
Password complexity and identity verification
Client-side 256-bit AES SSL encryption
Data encrypted in transit and at rest, and backed up regularly
Run isolated cluster protected by firewalls
Security Leadership in Cloud Simulation
Account Settings and Administrative Controls
IT administrators can establish controls on account settings for Rescale users. In addition, administrators can configure permissions and privileges at the organizational, departmental, or even at the individual user level.
- Configure policies for password strengths and resets, failed logins, session duration, and activity requirements
- Manage permissions for access, editing, upload, download, archival, and sharing
- Set expiration dates for jobs, scripts, and individuals
Industry-Leading Data Encryption
Proprietary methods to ensure that data stays encrypted at every step of the process, during transit, and at rest.
- Encryption in transit with high-grade SSL and at rest with 256-bit AES
- Simulations always run in private, closed clusters with kernel-encrypted hard drives
- Encryption keys are securely stored in separate locations
Data Center Security and Availability
Rescale uses multiple data centers to host its applications and data, providing essential redundancy. All Rescale data centers employ physical security, strict access policies, and secure vaults and cages.
- Rescale’s data centers include biomentric entry authentication and 24/7 armed guards
- All components of essential system have N+1 or greater redundancy
- Uninterruptible power and backup systems, plus fire and flood prevention at storage sites
External Certifications and Compliance Efforts
Rescale takes every measure necessary to ensure customer privacy and data confidentiality. This includes working with external auditors and government agencies to ensure the utmost compliance at all times.
- Rescale has been issued an SOC 2 (formerly SSAE 16) Type II report, refelecting our commitment to maintaining our leadership in cloud simulation security
- CSA Cloud Security Alliance- Registered
- Rescale is ITAR compliant and registered with the U.S. Directorate of Defense Trade Controls (DDTC)
- Successfully completed security and IT audits with several existing customers
Minimum Rescale Compliance Standards
Service Organization Controls (SOC) 2, Type 2 Attested
The SOC 2 report is an attestation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Rescale. This report provides additional transparency into Rescale’s security based on industry standards and further demonstrates our commitment to protecting customer data.
International Traffic in Arms Regulations (ITAR) Compliant
Rescale supports US International Traffic in Arms Regulations (ITAR) compliance. Companies subject to ITAR export regulations, such as many of Rescale’s customers in the aerospace industry, must control unintended exports by restricting access to protected data to US Persons and restricting physical location of that data to the US. Rescale works with partners to provide an end-to-end environment physically located in the US and where access is limited to US Persons, thereby allowing qualified companies to transmit, process, and store protected articles and data subject to ITAR restrictions.
Cloud Security Alliance (CSA) Registered
In 2011, the Cloud Security Alliance (CSA) launched STAR, an initiative to encourage transparency of security practices within cloud providers. The CSA Security, Trust & Assurance Registry (STAR) is a publicly available registry that has information about the control programs of a number of cloud-based organizations. This free registry allows consumers to assess the security of cloud providers they are considering contracting with. In order to provide our customers with as much information about security as possible, Rescale has filled out the CSA Consensus Assessments Initiative Questionnaire (CAIQ).
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 ensures the security and privacy of Protected Health Information (PHI), especially important for health and biomedical projects. Rescale has achieved HIPAA certification from 2017 onwards. Contact us for specific regional coverage and more information.