Compliance
Virtru's compliance programs are established to help meet your organization's compliance needs and to mold our security program around industry best practices. We undergo regular independent third-party audits to validate and certify our compliance.
FedRAMP
Federal Risk and Authorization Management Program. Virtru has achieved FedRAMP Authorization at the Moderate impact level.
SOC 2
Service Organization Control 2 Type II audit and certification for security, availability, and confidentiality.
CSA STAR
Cloud Security Alliance STAR Level 1 self-assessment for cloud security best practices.
PCI DSS
Payment Card Industry Data Security Standard compliance for handling cardholder data.
FIPS 140-2
Federal Information Processing Standards validation for cryptographic modules used in Virtru products.
CJIS
Criminal Justice Information Services security policy compliance for law enforcement data.
Export Controls
EAR and ITAR export control classifications for Virtru encryption products.
CMMC
Cybersecurity Maturity Model Certification readiness for defense industrial base contractors.
DFARS 7012
Defense Federal Acquisition Regulation Supplement compliance for safeguarding covered defense information.
DoD Zero Trust Strategy
Alignment with the Department of Defense Zero Trust Reference Architecture and strategy.
HIPAA
Health Insurance Portability and Accountability Act compliance for protecting health information.