New Relic achieved Federal Risk and Authorization Management Program (FedRAMP) Authority to Operate (ATO) with the U.S. Office of Management and Budget (OMB). The FedRAMP ATO enables New Relic to operate as a Cloud Service Provider (CSP) for systems operating at the FIPS 199 “Moderate” security impact level. Click here to learn more.
New Relic undergoes this industry-standard security audit on an annual basis, having passed without exception since 2013. We are verified at the highest level—not only for our data center and agents, but also for our own internal security policies, processes, and employees.
New Relic has undergone CSA STAR self-assessment by documenting and publishing our security controls in the CSA STAR registry. This demonstrates our adherence to the key principles of cloud security—transparency, rigorous auditing, and harmonization of standards, with continuous monitoring.
New Relic has taken steps to enable our customers who elect to process personal data in our products to do so in accordance with the GDPR and applicable data protection laws. We work to ensure that our practices and contracts are prepared to support EEA customers who wish to include personal data in their performance data. New Relic self-certifies with both EU-US and Swiss-US Privacy Shield. Check our GDPR FAQ