Compliance

Akamai's Security Compliance & Certification

Akamai prides itself on our comprehensive compliance assessment programs and working with its customers to obtain and maintain compliance as well. This includes EU General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act of 1996 (HIPAA), Federal Risk and Authorization Management Program (FedRAMP), ISO 27002, Service Organization Control (SOC) 2 Type II, and others.

Privacy Trust Center
Akamai is trusted to make the Internet fast, reliable, and secure. Akamai understands that how it collects and uses information, and its commitment to the privacy rights of Internet users and employees, is an important part of that trust. Akamai is committed to compliance with the law, as well as protecting the personal information it collects in the course of managing its business operations and providing its solutions to business customers and consumers.

Akamai’s Privacy Trust Center is your resource for information, policies, and required disclosure relating to Akamai’s processing of certain personal information in the course of providing its services.
Learn More

Spotlight

GDPR

How Akamai can help with GDPR compliance

The EU General Data Protection Regulation (GDPR) is a new EU regulation that replaces the existing Data Protection Directive 95/46/EC, as well as many local laws implementing the Directive. The GDPR will be equally enforced by all European member states and will go into effect beginning 25 May, 2018.

Learn More

Who PCI DSS Applies to

Payment Card Industry Data Security Standard (PCI DSS) compliance is a requirement for any business that stores, processes, or transmits payment card data.

Learn More

What PCI DSS Does

Developed by the major credit card companies, the PCI DSS defines measures for ensuring data protection and consistent security processes and procedures around online financial transactions.

Learn More

Why Comply

Businesses that fail to maintain PCI DSS compliance are subject to steep fines and penalties.

Learn More

PCI DSS Certification

Visit our PCI DSS page for more information about PCI DSS and how to obtain a copy of Akamai’s Certificate of Attestation.

Learn More

Who SOC 2 Applies to

SOC (Service Organization Controls) 2 is a security standard aimed at service organizations.

Learn More

What SOC 2 Does

It breaks goals for secure operations into five different categories called trust principles, and service organizations may be assessed against one or more of the trust principles.

Learn More

Akamai’s SOC 2 Report

Akamai's SOC 2 report covers the Security and Availability trust principles. For more information and to obtain a copy of the report under NDA, visit our SOC 2 Type II page (link to SOCI 2 Type II page).

Learn More

What ISO/IEC 27002 is

ISO/IEC 27002 is an information security standard published by the International Organization for Standardization (ISO) and by the International Electrotechnical Commission (IEC), titled Information technology – Security techniques – Code of practice for information security controls.

Learn More

Akamai’s ISO/IEC 27002 Report

For more information and to obtain a copy of the report under NDA, visit our ISO/IEC 27002 page.

Learn More

Superior Performance and Security

Whether government organizations or educational institutions need to deliver online services, migrate applications to the cloud, provide critical information during a crisis, or simply improve the performance of a website to enhance a user’s experience, especially on mobile devices, they're challenged to meet user expectations for fast, seamless web experiences on any device while securing content and users from a growing set of cyber security threats.

Learn More

US Public Sector Information

More information, including about FedRAMP certification, is found on the U.S. Public Sector page.

Learn More

What HIPAA is

The Health Insurance Portability and Accountability Act of 1996 (HIPAA), and subsequent laws and regulations, require that those who have access to personal health information maintain certain security and privacy controls to protect the privacy of patient health information.

HIPPA Compliance at Akamai

Akamai is assessed annually for compliance with the HIPAA Security Rule. The Executive Summary of Akamai's HIPAA Security Rule Assessment and/or the related letter from our assessors regarding Akamai's HIPAA Security Rule Assessment is available to Akamai customers and partners subject to nondisclosure agreements (NDAs) with Akamai. Contact your Akamai account team for more information.

 

What is it?

.BANK is a new top-level domain (TLD) that provides a trusted, verified, more secure, and easily identifiable location on the Internet for the global banking community.

Today, when you bank online, you visit your bank at a .COM site such as “www.anytownbank.com”. With .BANK, you would visit “www.anytown.bank.” The new .BANK TLD has enhanced security requirements that helps ensure the safety of your online banking session.

.BANK acts as a built-in stamp of approval for a bank, letting their customers know their site is trusted, verified, and more secure than .COM.

How does Akamai support .BANK?

Akamai fully complies with the new security requirements for .BANK. Existing Akamai banking customers can migrate their banking portals to .BANK and continue to have access to a full range of Akamai’s cloud performance and security products, including Fast DNS, Ion, Kona Site Defender, and more.

How can I get more information?

Contact your Akamai representative for further information using one of the methods below.

What is it?

.INSURANCE is a new top-level domain (TLD) that provides a trusted, verified, more secure, and easily identifiable location on the Internet for customers using online insurance websites.

Today, when you visit an insurance site to get a quote, or to renew or maintain your policy, you visit your insurer at a .COM site such as “www.myautoinsurance.com.” With .INSURANCE, you would visit “www.myauto.insurance.” The new .INSURANCE TLD has enhanced security requirements that helps ensure the safety of your online insurance session.

.INSURANCE acts as a built-in stamp of approval for an insurance company, letting their customers know their site is trusted, verified, and more secure than .COM.

How does Akamai support .INSURANCE?

Akamai fully complies with the new security requirements for .INSURANCE. Existing Akamai insurance customers can migrate their insurance portals to .INSURANCE and continue to have access to a full range of Akamai’s cloud performance and security products, including Fast DNS, Ion, Kona Site Defender, and more.

How can I get more information?

Contact your Akamai representative for further information using one of the methods below.

What is fTLD?

fTLD Registry Services was formed by a coalition of banks and insurance companies to control the new .BANK and .INSURANCE TLDs, and it has established an extensive set of security requirements for these new TLDs. It controls and grants banks and insurers the right to operate under .BANK or .INSURANCE.

Before a bank or insurance company can move to the new TLD, applicants undergo a thorough verification process by fTLD. Once the website is up and running, fTLD continues to monitor the security of the website to verify that the enhanced security remains in place.

How can I get more information about fTLD?