Certifications
Illumio certifications demonstrate our commitment to meeting stringent product security requirements and supporting regulatory compliance, risk management, and accessibility standards.
.webp)
FIPS 140-2
The Federal Information Processing Standard Publication (FIPS PUB) 140-2 is a U.S. government computer security standard used to approve cryptographic modules. An authorized cryptographic equipment assessment laboratory has tested and verified that the Policy Compute Engine (PCE) and Virtual Enforcement Node (VEN) faithfully incorporate the use of cryptographic functions provided by the FIPS 140-2 validated modules as it applies to data in transit.
.webp)
NIAP Common Criteria
Illumio Core v22.2.30 has been certified for conformance to Common Criteria for IT Security Evaluation. Common Criteria is an international certification recognized by over 30 countries as the common standard for government markets to purchase on-premises products evaluated by independent and licensed third parties.
.webp)
ISO 27001
Illumio has achieved the ISO 27001 certificate, demonstrating that our services align with internationally recognized best practices for information security management and security controls.
.webp)
ISO 27701
Illumio has achieved the ISO 27701 extension, demonstrating that our services align with internationally recognized best practices for privacy information management.
.webp)
Section 508
Section 508 of the Rehabilitation Act (29 U.S.C. § 794d) requires federal agencies to develop, procure, maintain, and use information and communications technology (ICT) that is accessible to people with disabilities. An authorized third party has validated Illumio Core’s conformance with Section 508 accessibility.
.webp)
SSAE-18 / SOC 2 Type 2
SOC2 is an attestation standard developed by the AICPA and is specifically designed for service providers storing customer data in the cloud. The Illumio Core™ Platform was tested by an authorized independent third-party auditor to provide assurance on the controls in-place to meet the trust services principles (TSP) criteria (SOC2). SOC 2 Type 2 Report is available to customers under NDA.
.webp)
FedRAMP Moderate
Illumio Government Cloud has achieved Federal Risk and Authorization Management Program (FedRAMP®) Authorization to Operate (ATO) at the Moderate Impact Level under the sponsorship of the Department of Health and Human Services Office of Inspector General. FedRAMP is a U.S. government program that standardizes security evaluations, approvals, and monitoring for cloud solutions.