Cloud Computing Security

Protecting your data is our top priority. We invest heavily in the security and resiliency of every component within the Rescale ecosystem – our data centers, our software platform, and day-to-day operations as a business. As a result, Rescale complies with the strictest industry standards for security and data protection across every step of the user experience.

security banner4 07

Industry-Leading Compliance Standards

aicpa soc logo v2
fedramp logo 1
cert hipaa
alv trusted by dfaras
cert csa v2

End-to-End Security

icon entry

Initial Entry

Secure access and login for all users

icon authent


Password complexity and identity verification

icon ssl

SSL Encryption

Client-side 256-bit AES SSL encryption

icon data

Data Protection

Data encrypted in transit and at rest, and backed up regularly

icon privacy

Cluster Privacy

Run isolated cluster protected by firewalls

Security Leadership in Cloud Simulation

icon admin

Account Settings and Administrative Controls

IT administrators can establish controls on account settings for Rescale users. In addition, administrators can configure permissions and privileges at the organizational, departmental, or even at the individual user level.

  • Configure policies for password strengths and resets, failed logins, session duration, and activity requirements
  • Manage permissions for access, editing, upload, download, archival, and sharing
  • Set expiration dates for jobs, scripts, and individuals
icon encrypt

Industry-Leading Data Encryption

Proprietary methods to ensure that data stays encrypted at every step of the process, during transit, and at rest.

  • Encryption in transit with high-grade SSL and at rest with 256-bit AES
  • Simulations always run in private, closed clusters with kernel-encrypted hard drives
  • Encryption keys are securely stored in separate locations
icon center

Data Center Security and Availability

Rescale uses multiple data centers to host its applications and data, providing essential redundancy. All Rescale data centers employ physical security, strict access policies, and secure vaults and cages.

  • Rescale’s data centers include biomentric entry authentication and 24/7 armed guards
  • All components of essential system have N+1 or greater redundancy
  • Uninterruptible power and backup systems, plus fire and flood prevention at storage sites

icon certificat

External Certifications and Compliance Efforts

Rescale takes every measure necessary to ensure customer privacy and data confidentiality. This includes working with external auditors and government agencies to ensure the utmost compliance at all times.

  • Rescale has been issued an SOC 2 (formerly SSAE 16) Type II report, refelecting our commitment to maintaining our leadership in cloud simulation security
  • CSA Cloud Security Alliance- Registered
  • Rescale is ITAR compliant and registered with the U.S. Directorate of Defense Trade Controls (DDTC)
  • Successfully completed security and IT audits with several existing customers

Minimum Rescale Compliance Standards

logo soc

Service Organization Controls (SOC) 2, Type 2 Attested

The SOC 2 report is an attestation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Rescale. This report provides additional transparency into Rescale’s security based on industry standards and further demonstrates our commitment to protecting customer data.

logo itar

International Traffic in Arms Regulations (ITAR) Compliant

Rescale supports US International Traffic in Arms Regulations (ITAR) compliance. Companies subject to ITAR export regulations, such as many of Rescale’s customers in the aerospace industry, must control unintended exports by restricting access to protected data to US Persons and restricting physical location of that data to the US. Rescale works with partners to provide an end-to-end environment physically located in the US and where access is limited to US Persons, thereby allowing qualified companies to transmit, process, and store protected articles and data subject to ITAR restrictions.

logo csa

Cloud Security Alliance (CSA) Registered

In 2011, the Cloud Security Alliance (CSA) launched STAR, an initiative to encourage transparency of security practices within cloud providers. The CSA Security, Trust & Assurance Registry (STAR) is a publicly available registry that has information about the control programs of a number of cloud-based organizations. This free registry allows consumers to assess the security of cloud providers they are considering contracting with. In order to provide our customers with as much information about security as possible, Rescale has filled out the CSA Consensus Assessments Initiative Questionnaire (CAIQ).

logo hipaa


The Health Insurance Portability and Accountability Act (HIPAA) of 1996 ensures the security and privacy of Protected Health Information (PHI), especially important for health and biomedical projects. Rescale has achieved HIPAA certification from 2017 onwards. Contact us for specific regional coverage and more information.

Contact Us For More Information on Security Measures

To report any unethical behaviors please fill out a form here