fbpx

 

 

 

Ansys Security Program

The benchmark for engineering analysis software relating to security measures, IT protocol, and protection of consumer data.

Our Commitment to Security

SimuTech Group, an Ansys Elite Channel Partner, adheres to the security programs and compliance standards set by Ansys. The Security program is the industry benchmark for engineering analysis software, along with the corresponding databases in which consumer and/or company inputs are stored.

Dependable IT Support

Businesses depend on our team to secure assets, respond to security incidents, and protect their internal data. We believe customer trust is imperative; the information provided below outlines our current security programs and compliance standards.

Ansys-Security-Program-Compliance-of-Protective-Protocols-SimuTech-Group

 

 

 

Ansys guarantees a restricted access control following industry standards and with role-based authorization and constantly monitor usage to prevent any types of threats.

  • We maintain effective logical access control measures over its systems and networks, consistent with industry standards.
  • Based upon job responsibilities and level, the team provides user account access granted on a need-to-know basis, consistent with role-based authorization.
  • Elevated accounts maintain separation of rights and allow access to sensitive administrative or management functions of systems.
  • Regular and consistent monitoring to identify inappropriate, unnecessary, or unpermitted access or usage.

For more information from Ansys on Access Control, click here.

Ansys and its subsidiaries and affiliates take your data’s protection seriously. We are constantly improving and working with our partners to improve safety and meet the industry-leading safety standard. This includes:

  • Cryptography safeguards data when at rest.
  • Data classification standards employ data categorization, allowing the team to track and monitor data over its lifecycle.
  • Data retention efforts work to delete and destroy data as it expires.

For more information on Ansys data classification standards, click here.

Adherence to Global Privacy & GDPR Compliance is another core priority for Ansys.

Global privacy notifications, explaining to customers how Ansys processes their personal data, updated annually. (www.ansys.com/privacy)

  • Ansys employees receive security training upon hire and then annually after that. Such training includes data protection; phishing, including phishing simulation tests; social engineering; insider threats, and security outside of the office.

For more information on Ansys Security protocols, click here.

Ansys Cloud uses proprietary methods and industry-standard to ensure data is encrypted at every step of the process (both during transit and at rest).

  • Encryption is used during upload and downloads over HTTPS and encryption-at-rest with AES-256
  • Simulations always executed in customer-specific private subnets on dynamic, private clusters
  • Encryption keys are securely stored in separate locations
  • Ansys Cloud encrypts data before it leaves the desktop, and it is kept encrypted.
  • Supported standards include custom file encryption @ AES256 and HTTPS TLS1.2

The Ansys Cloud Service application is deployed in multiple regions to ensure the best availability and worldwide data center security:

  • In case of service interruption, critical data isn’t lost due to replication.
  • Physical security is deployed to secure datacenters with access requests and approval. Security includes the facility’s perimeter and building entrance with two-factor authentication (biometrics), professional security officers, cameras inside the data center and patrol, and security scans. Learn more about it.
  • Isolated Compute regions consist of only enough resources needed to execute a job successfully. It’s deployed across numerous regions. The customer is offered a choice of which region to use for running simulation jobs. All customer data persist in the customer-specified area and is never copied outside of the geography.
  • Isolation of environments and clear segregation of resources, access privileges, and a full audit of the activity log.

Our cybersecurity management follows industry guidelines, including ISO and NIST frameworks, for internal assessments. We work with many third-party evaluations and audits throughout the year to guarantee our customers market-leading certifications.

  • Ansys is issued a SOC 2 Type II certification.

SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients.

  • We’re also ISO27001 & ISO27017 certified.

Click HERE to download Ansys’ Cybersecurity White Paper for Ansys Cloud

 

Best-in-Class Security | Ansys Certifications

AICPA-SOC-Ansys-Security-Program-Certification-Ansys-Security-Program-and-SimuTech-Group
cloud-security-alliance-certification-Ansys-Security-Program-and-SimuTech-Group
ISO-27017-Certified-A-LIGN-Ansys-Security-Program-and-SimuTech-Group
ISO-27001-Certified-A-LIGN-Ansys-Security-Program-and-SimuTech-Group

AICPA | SOC Certification

  •  SOC Certification from AICPA (The American Institute of Certified Public Accountants) is for professionals and businesses that demonstrate advanced-level experience managing and leading SOC engagements.
  • Developed by leading subject matter experts in this space, this certificate determines the business’ efficacy to plan, perform and report on SOC 1® and SOC 2® engagements.

CSA Certification

  •  CSA STAR (Security, Trust & Assurance Registry) certification is a rigorous, third-party, independent assessment of the security of a cloud service provider. CSA Certification is based on achieving ISO/IEC 27001, along with a specified set of criteria outlined in the Cloud Controls Matrix.
  • The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

ISO 27017 Certification

  • ISO 27017 certification demonstrates that an organization adheres to information security best-practice framework for cloud service providers and their customers.  Certification communicates to affiliated parties that an independent, expert assessment has conducted a security audit, and determined that the data is sufficiently protected.
  • The ISO 27017 framework was published in 2015 by the ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission).

ISO 27017 Certification

  •  ISO 27001 certification demonstrates that an organization has invested in the people, processes, and technology to protect the organization’s data and provides an independent, expert assessment of whether your data is sufficiently protected.
  • The ISO 27001 framework was published in 2013 by the ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission).  In addition, It is the only internationally recognized certifiable information security standard.

Ansys Security Program | System & Organization Controls Report