Rubrik was founded on the belief that data management was unnecessarily difficult and we have been focused on making it easier through Cloud Data Management. While we are still innovating with solutions for customers’ data management needs, we know data management only works when it is simple and when you can trust that Rubrik will protect your data.

As your partner in data protection—not only do we provide a best-in-class data management solution—but compliance, privacy, and security is core to what we do. We have made significant investments in these areas, including achieving major compliance certifications.


SOC 2 Type II / SOC 3

SOC 2 Type II is a report designed to demonstrate how a company protects customer data and looks at how well a company’s controls are working. The SOC 2 Type II looks at up to five categories of the Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. SOC 3 reports cover the same areas that SOC 2 does and provides a report for general public use.

ISO 27001

ISO 27001 covers a wide range of standard requirements for an information security management system. This certifies that information such as financial information, intellectual property, employee details and other data sets are securely managed.

ISO 27017

The ISO 27017 is a code of practice that provides guidelines on information security controls for cloud services. For Rubrik customers, this means that when implementing a management system, our cloud services are following industry best practices in standard controls.

ISO 27018

ISO 27018 is a code of practice for protecting personally identifiable information in public clouds. This is really looking at information security techniques and lets customers know that Rubrik is putting them first.

These compliance certifications build on top of what Rubrik has done as a leader in cloud data management. Rubrik supports the Common Criteria EAL2+ requirements, provides a FIPS 140-2 Level 2 certified encryption solution at rest, and is certified by the U.S. Department of Defense Information Network Approved Products List (DODIN APL).

And this is only the beginning! Compliance, privacy, and security are at the core of what we do. To learn more about what we do, please check our Compliance Program and Customer Trust Portal.