Detailed Security Information

Security Notices

Detailed security notices for each RSA SecurID Access region and service

Read Notices
Standard Agreements

SLAs detailing system availability and other information

Read Agreements
Certifications and Compliance

Exceeding industry standards and regulations on product security, reliability, and availability

View More
RSA Security Policy

Learn about the security practices, operations, controls, and best practices that secure RSA customers

View More

Certification & Compliance.

RSA is certified to comply with industry standards and regulations governing product security, reliability, and availability. We share these certifications as part of our commitment to earning customer trust and delivering proven performance.

SOC2 Type 2

SecurID meets AICPA SOC guidelines requiring CPA issuance of a SOC 2 Type 2 report on controls relevant to security, availability and confidentiality.
Status not applicable to FedRAMP environments.

CSA STAR

SecurID cloud services have been listed in the Cloud Security Alliance STAR registry since 2017.
See current status

FIPS140-2 compliance

SecurID uses FIPS 140-2 validated cryptographic modules for managing data at rest and in motion across mobile apps, cloud and on-premises.
Link to certificates

FedRAMP

FedRAMP Moderate Authorization designation through JAB P-ATO process, making it available for US government agencies and Federal System Integrators to take their journey to the cloud.
See FedRAMP marketplace

ISO9001:2015

The quality management system is certified to the ISO 9001:2015 standard in the fulfillment of SecurID authentication tokens.
View certificate

FCC Rules & Regulations for Title 47

SecurID hardware tokens meet FCC guidelines for radiated and conducted emissions in Title 47, part 15 of the CFR.
See test description

CE Marking

SecurID hardware tokens meet EU guidelines conforming to directives 93/68/EC: 2004/108/EC: 2006/95/EC: on specifications EN550022 Class A, EN61000-4-2:2008, EN6100-4-3:2006 Class A and RoHS2: EN 50581:2012.
See EU declaration See EC declaration

Specifications and Standards.

GDPR, CCPA

SecurID provides information about the position of SecurID Access on some of the applicable aspects described in GDPR and CCPA related to the processing of personal data.

See privacy considerations

VPAT

Product accessibility information is provided in the Voluntary Product Accessibility Template (VPAT), which is intended to help contracting officials assess availability of features that support accessibility.

See AM 8.5 VPAT

MIL-STD 810F

Ruggedized testing of SecurID hardware tokens for structural integrity has been conducted in accordance with MIL-STD 810F guidelines.

See test description

ISO 13491-1, ISO DIS 13491-2

SecurID hardware tokens comply with ISO 13491-1 and ISO DIS 13491-2 (A2.1.2; A1, A2, A4) standards for being tamper-evident.

See test description

Method RS101, MIL-STD-461E

SecurID hardware tokens tested for radiated susceptibility comply with test method RS101, MIL-STD-461E.

See test description

UL 913-6th edition (US)

SecurID hardware tokens are designed and tested to the UL 913 standard for safety for use in hazardous locations.

See test description

CSA-C22.2 No. 157-92

SecurID hardware tokens are designed and tested to CAN/CSA-C22.2 No. 157-92 standard for safety for use in hazardous locations.

See test description

SecurID Subprocessors

Information about the Subprocessors that SecurID has engaged in accordance with the Data Processing Addendum (DPA).

See the list

Request A Demo

Thank you for your interest in RSA