Akamai's Security Compliance & Certification
Akamai prides itself on our comprehensive compliance assessment programs and working with its customers to obtain and maintain compliance as well. This includes EU General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act of 1996 (HIPAA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27002, Service Organization Control (SOC) 2 Type II, and others.
Spotlight
Who PCI DSS Applies to
Payment Card Industry Data Security Standard (PCI DSS) compliance is a requirement for any business that stores, processes, or transmits payment card data.
Learn MoreWhat PCI DSS Does
Developed by the major credit card companies, the PCI DSS defines measures for ensuring data protection and consistent security processes and procedures around online financial transactions.
Learn MoreWhy Comply
Businesses that fail to maintain PCI DSS compliance are subject to steep fines and penalties.
Learn MorePCI DSS Certification
Visit our PCI DSS page for more information about PCI DSS and how to obtain a copy of Akamai’s Certificate of Attestation.
Learn MoreWho SOC 2 Applies to
SOC (Service Organization Controls) 2 is a security standard aimed at service organizations.
Learn MoreWhat SOC 2 Does
It breaks goals for secure operations into five different categories called trust principles, and service organizations may be assessed against one or more of the trust principles.
Learn MoreAkamai’s SOC 2 Report
Akamai's SOC 2 report covers the Security and Availability trust principles. For more information and to obtain a copy of the report under NDA, visit our SOC 2 Type II page (link to SOCI 2 Type II page).
Learn MoreWhat ISO/IEC 27002 is
ISO/IEC 27002 is an information security standard published by the International Organization for Standardization (ISO) and by the International Electrotechnical Commission (IEC), titled Information technology – Security techniques – Code of practice for information security controls.
Learn MoreAkamai’s ISO/IEC 27002 Report
For more information and to obtain a copy of the report under NDA, visit our ISO/IEC 27002 page.
Learn MoreSuperior Performance and Security
Whether government organizations or educational institutions need to deliver online services, migrate applications to the cloud, provide critical information during a crisis, or simply improve the performance of a website to enhance a user’s experience, especially on mobile devices, they're challenged to meet user expectations for fast, seamless web experiences on any device while securing content and users from a growing set of cyber security threats.
Learn MoreUS Public Sector Information
More information, including about FedRAMP certification, is found on the U.S. Public Sector page.
Learn MoreWhat HIPAA is
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), and subsequent laws and regulations, require that those who have access to personal health information maintain certain security and privacy controls to protect the privacy of patient health information.
HIPPA Compliance at Akamai
Akamai is assessed annually for compliance with the HIPAA Security Rule. The Executive Summary of Akamai's HIPAA Security Rule Assessment and/or the related letter from our assessors regarding Akamai's HIPAA Security Rule Assessment is available to Akamai customers and partners subject to nondisclosure agreements (NDAs) with Akamai. Contact your Akamai account team for more information.
What is it?
.BANK is a new top-level domain (TLD) that provides a trusted, verified, more secure, and easily identifiable location on the Internet for the global banking community.
Today, when you bank online, you visit your bank at a .COM site such as “www.anytownbank.com”. With .BANK, you would visit “www.anytown.bank.” The new .BANK TLD has enhanced security requirements that helps ensure the safety of your online banking session.
.BANK acts as a built-in stamp of approval for a bank, letting their customers know their site is trusted, verified, and more secure than .COM.
How does Akamai support .BANK?
Akamai fully complies with the new security requirements for .BANK. Existing Akamai banking customers can migrate their banking portals to .BANK and continue to have access to a full range of Akamai’s cloud performance and security products, including Fast DNS, Ion, Kona Site Defender, and more.
How can I get more information?
Contact your Akamai representative for further information using one of the methods below.
What is it?
.INSURANCE is a new top-level domain (TLD) that provides a trusted, verified, more secure, and easily identifiable location on the Internet for customers using online insurance websites.
Today, when you visit an insurance site to get a quote, or to renew or maintain your policy, you visit your insurer at a .COM site such as “www.myautoinsurance.com.” With .INSURANCE, you would visit “www.myauto.insurance.” The new .INSURANCE TLD has enhanced security requirements that helps ensure the safety of your online insurance session.
.INSURANCE acts as a built-in stamp of approval for an insurance company, letting their customers know their site is trusted, verified, and more secure than .COM.
How does Akamai support .INSURANCE?
Akamai fully complies with the new security requirements for .INSURANCE. Existing Akamai insurance customers can migrate their insurance portals to .INSURANCE and continue to have access to a full range of Akamai’s cloud performance and security products, including Fast DNS, Ion, Kona Site Defender, and more.
How can I get more information?
Contact your Akamai representative for further information using one of the methods below.
What is fTLD?
fTLD Registry Services was formed by a coalition of banks and insurance companies to control the new .BANK and .INSURANCE TLDs, and it has established an extensive set of security requirements for these new TLDs. It controls and grants banks and insurers the right to operate under .BANK or .INSURANCE.
Before a bank or insurance company can move to the new TLD, applicants undergo a thorough verification process by fTLD. Once the website is up and running, fTLD continues to monitor the security of the website to verify that the enhanced security remains in place.