SECURITY LEADERSHIP IN CLOUD SIMULATION

Protecting your technical data is our top priority. We invest heavily in the security and resiliency of every component within the Rescale ecosystem - our data centers, our software platform, and day-to-day operations as a business. As a result, Rescale complies with the strictest industry standards for security and data protection across every step of the user experience. Run your simulations on Rescale with confidence.

For more information, please contact security@rescale.com or call 1-855-RESCALE (737-2253).


Account Settings and Administrative Controls

IT administrators can establish controls on account settings for Rescale users. In addition, administrators can configure permissions and privileges at the organizational, departmental, or even at the individual user level.

  • Configure policies for password strength and resets, failed logins, session duration, and activity requirements

  • Manage permissions for access, editing, upload, download, archival, and sharing

  • Set expiration dates for jobs, scripts, and individual files

  • Configure Policies
  • Permission Controls
  • Expiration Dates

Industry-Leading Data Encryption

Rescale uses proprietary methods to ensure that data stays encrypted at every step of the process, during transit and at rest.

  • Encryption at transfer with high-grade SSL and at rest with 256-bit AES

  • Simulations always run in private, closed clusters with kernel-encrypted hard drives

  • Encryption keys are securely stored in separate locations

  • 256-bit AES SSL
  • Encrypted Kernels
  • Securely Stored Keys

Data Center Security and Availability

Rescale uses multiple data centers to host its applications and data, providing essential redundancy. All Rescale data centers employ physical security, strict access policies, and secure vaults and cages.

  • Rescale's data centers include biometric entry authentication and 24/7 armed guards

  • All components of essential systems have N+1 or greater redundancy

  • Uninterruptible power and backup systems, plus fire / flood prevention at storage sites

  • Biometric Entry
  • Redundant Systems
  • Backup Power

External Certifications and Compliance Efforts

Rescale takes every measure necessary to ensure customer privacy and data confidentiality. This includes working with external auditors and government agencies to ensure the utmost compliance at all times.

  • Rescale has been issued an SOC 2 (formerly SSAE 16) Type II report, reflecting our commitment to maintaining our leadership in cloud simulation security

  • Rescale is ITAR compliant and registered with the U.S. Directorate of Defense Trade Controls (DDTC)

  • Successfully completed security and IT audits with several existing customers

  • SOC 2 Compliant
  • ITAR Compliant
  • Customer Audits

ADDITIONAL SECURITY INFORMATION

Service Organization Controls (SOC) 2

SOC2

The SOC 2 report is an attestation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations such as Rescale. This report provides additional transparency into Rescale's security based on industry standards and further demonstrates our commitment to protecting customer data.

International Traffic in Arms Regulations (ITAR)

ITAR

Rescale supports US International Traffic in Arms Regulations (ITAR) compliance. Companies subject to ITAR export regulations, such as many of Rescale's customers in the aerospace industry, must control unintended exports by restricting access to protected data to US Persons and restricting physical location of that data to the US. Rescale works with partners to provide an end-to-end environment physically located in the US and where access is limited to US Persons, thereby allowing qualified companies to transmit, process, and store protected articles and data subject to ITAR restrictions.

Cloud Security Alliance (CSA)

Cloud Security Alliance

In 2011, the Cloud Security Alliance (CSA) launched STAR, an initiative to encourage transparency of security practices within cloud providers. The CSA Security, Trust & Assurance Registry (STAR) is a publicly available registry that has information about the control programs of a number of cloud-based organizations. This free registry allows consumers to assess the security of cloud providers they are considering contracting with. In order to provide our customers with as much information about security as possible, Rescale has filled out the CSA Consensus Assessments Initiative Questionnaire (CAIQ).