Illumio Security Program

Trust at Illumio

Trust begins with security. Illumio has established a comprehensive security program, covering our internal security processes, development practices, and product, dedicated to ensuring our customers have the highest confidence in our security practices.

We know how critical security is for you and we maintain industry-leading practices to build a secure product and protect your data. Here is an overview of how we build, maintain, and improve security at Illumio.

Proactive Security

We believe in proactively securing our systems and applications. Illumio follows industry best practices, as well as customers’ recommendations, to harden our systems and improve our security controls.

We use Illumio Secure Cloud to protect Illumio. Illumio Secure Cloud continuously computes security for enterprise applications by using the dynamic context of individual workloads running on virtual machines or physical servers.

Continuous Monitoring

We perform continuous monitoring and scanning of our network and applications across all environments, including development and production. We also conduct regular vulnerability scans, risk assessments, and penetration tests of our infrastructure as well as our service offerings.

Continual Improvement

A critical part of our information security management program is the continual improvement of security and compliance programs, systems, and controls. Illumio is constantly seeking feedback from our internal teams and experts, customers, internal and external auditors, and improving our security and compliance processes and controls over time.

Compliance

The security processes at Illumio are operated under a comprehensive Information Security Program designed to address the vast majority of the requirements of common security standards.

Our processes and controls are regularly audited by internal and external parties, including customers and independent assessors. We have successfully completed SOC2 Type 2 compliance.

Customer Engagement

We continually work with the information security and application security/red teams of our customers to proactively answer their questions and resolve any issues.

Additional questions can be directed to: [email protected]