Security
Information Security
Best-in class DevSecOps
From our product design to the operations of our business, we employ rigorous security and data best-practices in everything we do. We provide our customers with a robust security platform by integrating security principles into the development process from the get-go.
- Physical security
- Network security
- Data encryption
- Toll fraud prevention
- Incident response
- Protected data
- Operations security
- Supplier management
- Data handling
- Software development cycle
- Penetration testing
The CISO Guide to Cloud Communications Security
Learn about essential cyber security, data privacy, and compliance requirements for cloud communications.
Product Security
Security Policy Controls
- Single sign-on (SSO)
- Block phone numbers
- AI-based spam blocking
- RoboCall mitigation using STIR/SHAKEN standards
- Number masking
- RingOut—calling on third-party devices with your business phone number
- Emergency response locations for E911 calls
- RAY BAUM’S Act and Kari’s Law compliant
- Voicemail routing based on business hours
- Analytics portal
- 99.999% SLA uptime
- TLS encryption/SRTP secure voice
- End-to-end encrypted (E2EE) calls (available in closed beta)
- Allow/block list—external guest domains
- Allow/block list—webmail accounts
- Clear guest identification within 1:1 and group chats
- Enforce policies
- SEA FINRA 17a-4
- End-to-end encrypted (E2EE) team chats (available in closed beta)
- Single sign-on (SSO)
- Enforced multi-factor authentication (MFA)
- Device PIN enforcement
- User management
- Data-at-rest
- Data-in-transit
- TLS encryption/SRTP secure voice
- E2EE via Message Layer Security (MLS)
- Single sign-on (SSO)
- Require password
- Restrict to authenticated users
- Session timer to logout inactivity
- Authorised apps manager
- VoIP country blocking
- Centralised IT management of free and paid users
- Audit trail to track changes
- Enterprise mobility management via RingCentral for Intune
- Native and 3rd party archive via RingCentral API
- eDiscovery, content capture and DLP via Theta Lake
The latest Trust Centre news
Corporate news
RAY BAUMs Act compliance with RingCentral MVP location awareness
Security
Protecting your data: How RingCentral helps IT secure your hybrid workforce
We keep you informed
GLOBAL COMPLIANCE
Meeting global standards for security and privacy
Our third-party attestations, certifications and adherence to global laws and compliance regulations speak to our commitment to data security. RingCentral is built on a secure cloud platform with a robust portfolio of security and compliance certifications, as well as compliance with global regulations, including:
- SOC 2 attestation
- SOC 3 attestation
- ISO 27001 and ISO 27017-18 certifications
- STIR/SHAKEN (Spam blocking)
- HITRUST certificate
- GDPR
- PCI-certified merchant
- PIPEDA
- FINRA
This means your data is secure, private, and compliant across mobile, video, and phone, making RingCentral the most reliable and secure unified cloud communications platform built for every experience. You can see the full list of our independent certifications here.
The CISO Guide to Cloud Communications Security
Learn about essential cyber security, data privacy, and compliance requirements for cloud communications.
The latest Trust Centre news
Security
RingCentral expands end-to-end encryption to phone and messaging
Corporate news
RAY BAUMs Act compliance with RingCentral MVP location awareness
Security
Protecting your data: How RingCentral helps IT secure your hybrid workforce
DATA PRIVACY
Our commitment to privacy and transparency
At RingCentral, maintaining customer trust in our data handling practices and demonstrating respect for customers' data privacy is fundamental. Our privacy program is based on the following principles:
- Accountability
- Transparency
- Data minimisation
- Privacy by Design and default
- Protection of data subject rights
- Data security
- Safeguards of data transfers
Whitepaper: Privacy and Data Protection at RingCentral
Learn about data protection policies, processes, and controls established and operated by RingCentral.
Whitepaper: RingCentral RingSense Privacy Datasheet
How RingCentral processes personal information as part of the RingSense Service.
When we transfer data from the European Economic Area (EEA), UK and Switzerland, we rely on the Standard Contractual Clauses approved by the European Commission and provide additional safeguards. We offer to our customers a data transfer agreement based on the applicable Standard Contractual Clauses and we also provide our customers with resources about the data transfer risk assessments we performed.
RingCentral operates as a data controller and as a data processor at the same time. Please read our whitepaper to learn more about RingCentral as a data controller. We use sub-processors and we execute with them data processing terms equally protective as those we enter into with our customers, including the applicable Standard Contractual Clauses for the transfer of personal data out of the EEA, UK, and Switzerland.
Transparency
The latest Trust Center news
Security
RingCentral expands end-to-end encryption to phone and messaging
Corporate news
RAY BAUMs Act compliance with RingCentral MVP location awareness
Security
Protecting your data: How RingCentral helps IT secure your hybrid workforce
Stay connected, always
RingCentral is fully redundant geographically in every location it operates. This is a key differentiator between RingCentral and its competitors.
RingCentral gives us a more diverse risk base and just lets us work from any location, something very important to our company.