Security is our priority
We are committed to the security of the data you rely on to make more perfect software. We use industry-standard security technologies and comprehensive policies and controls to maintain a culture of security.
Authentication and access management
Authenticate your users with SAML single sign-on. Manage permissions directly to authorize who can access or change your data and account settings.
We protect the confidentiality, integrity, and availability of your data using industry standard encryption protocols such as TLS (Transport Layer Security).
Our Privacy team works closely with our Information Security team to implement the technical and administrative security controls necessary for privacy best practices.
Our default agents settings provide a high level of security. If you need an even higher level, we provide some account customizations, including enabling the High Security mode to ensure no sensitive data will be sent to us.
We maintain strict standards to protect our systems including how we manage network and systems security, vulnerability management, and authentication and access management. View our Docs page for specific policy details.
Meeting compliance standards
We enable you to process personal data requests in accordance with data protection laws, such as General Data Protection Regulation (GDPR) in the EU and the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together CCPA). Check our GDPR FAQ and our CCPA FAQ for more information. You may also request HIPAA account enablement on your account to ensure protection of your PHI (HITRUST-certified)."
“Security is important to us at New Relic. We take care of your data from creation to deletion. We hold ourselves to high standards, maintaining several certifications including ISO 27001 and FedRAMP.”
Esteban Gutierrez, Chief Information Security Officer at New Relic
Frequently Asked Questions
Esteban Gutierrez serves as our Chief Information Security Officer.
The Security Team consists of over 20 dedicated personnel who protect your data in corporate security and New Relic products. We have extensive security experience, hold numerous advanced degrees in computer science, network, information security, and hold industry security certifications including CISSP, CRISC, CIPP, and OSCP.
We are certified ISO 27001, TISAX, FedRAMP Moderate, and HITRUST, plus our Digital Intelligence Platform is on the Department of Homeland Security's Continuous Diagnostic and Mitigation Program's (CDM) Approved Product List. We also have an annual AICPA SOC2 Type 2 audit conducted.
We have a global presence and cover a wide-range of time zones in the US and Europe to give you extended coverage.
Our Compliance and Certifications
ISO 27001 Certification
New Relic conforms to the requirements of ISO/IEC 27001:2013 (ISO 27001). The certification is for the New Relic platform and covers the management of information and business activities that support integrations, tools, and applications.
AICPA SOC2 Type 2
New Relic participates in this industry-standard security audit on an annual basis, having passed without exception since 2012. We are verified at the highest level for our data center and agents and for our own internal activities.
GDPR and EU Compliance
New Relic ensures that customers who want to access personal data can do so in accordance with the GDPR and applicable data protection laws. Check out our GDPR FAQ.
Cloud Security Alliance
New Relic documents and publishes our self-assessment in the CSA STAR registry demonstrating our adherence to the key principles of cloud security—transparency, rigorous auditing, and harmonization of standards, with continuous monitoring.
New Relic has completed the Trusted Information Security Assessment Exchange (TISAX) at assessment level 2 (AL 2). TISAX standardizes the information security requirements in the automotive industry. TISAX assessments are conducted by accredited audit providers and assessment details can be found on the ENX Portal.
HITRUST CSF Certified
New Relic achieved HITRUST Common Security Framework (CSF) certified status from the HITRUST Alliance, a not-for-profit organization whose mission is to champion programs that safeguard sensitive information and manage information risk for organizations across all industries and throughout the third-party supply chain.