Security and Compliance | Privacy and Data Protection at MacStadium

Solutions

Industries

Resources

Your Trust is our Top Priority

﻿Thousands of organizations trust MacStadium. We meet or exceed the requirements of even the most demanding teams.﻿

Proud member of the Cloud Security Alliance

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment.

We want to earn your trust

Privacy and security are our priorities so your team can focus on what you do best - app development.

Privacy

We're committed to protecting your privacy through our product, infrastructure, and data governance. Learn more.

Data Center Security

We hold and maintain top certifications and deploy world-class physical, network, and process-level security at each of our locations. Learn more.﻿﻿

Cloud Security

We work with you to secure your MacStadium-hosted Mac private cloud. Learn more.﻿﻿

Compliance

We adhere to global, regional, and industry regulations to help you meet compliance standards.﻿﻿﻿﻿

Need a security document? No problem

In our Trust Portal you can access all our security reports and documentation. Don’t see what you need? Contact our security team through the Trust Portal to get the answers you need, exactly when you need them.

Privacy and data protection

MacStadium respects your privacy and is committed to protecting the privacy and confidentiality of personal data we collect.

California Consumer Privacy Act (CCPA)

The CCPA gives consumers more control over the personal information that businesses collect about them.

Data processing agreement (DPA)

Customers that require a signed DPA to maintain regulatory compliance can contact us.

Payment data security

Credit card purchases for MacStadium services are processed by Chargebee. When our customers provide their credit or debit card information via our website, the data is sent to Chargebee for processing, and the payment data is not stored on our systems.

Secure communications

All communications with MacStadium are transmitted over TLS (HTTPS), and we use SSL encryption to protect visitor data. We provide connectivity to our hardware via SSH and recommend that customers use SSH keys to securely set up their access.

In our data centers

Physical security

MacStadium’s data centers are housed in secure, restricted access buildings that provide the highest levels of physical security with biometric access control, video monitoring, armed guard services, and more. MacStadium has a defined employee and visitor access policy that defines who has access to our data centers, servers, and software.

Monitoring

MacStadium maintains 24/7 security incident and event management (SIEM). We monitor our infrastructure at all times with engineers on call to resolve any security-related events. MacStadium’s security team utilizes monitoring and analytics capabilities to identify potentially malicious activity within our infrastructure. User and system behaviors are monitored for suspicious activity, and investigations are performed following our incident reporting and response procedures.

Access logging

All access to customer systems is automatically logged and recorded via a privileged access control system/secure jump box. Our logging includes system actions as well as the logins and commands issued by our system administrators.

Securing your environment

We include the following technology with every Mac private cloud:

Dedicated hardware

We provide the hardware – the environment is all yours. You get root access and can configure it as you wish. We encourage our customers to update their credentials to lock MacStadium personnel out of their firewalls and hosts for ultimate security.

Enterprise-grade firewall

MacStadium provides an up-to-date Cisco ASA firewall with each of our private clouds. The firewall is setup by your team with your specifications, and can enable VPNs, white-listed IP ranges and more.

Network monitoring

See all traffic to and from your firewall. The monitoring system will alert you to unusual host or network activity.

Federated SSO (SAML)

Control access to your Mac private cloud with your existing identity provider to ensure that the right team members have the right access, all the time.

Certifications

MacStadium is certified to the highest level of cloud security and data privacy. We meet or exceed the requirements of even the most demanding teams.

SOC 1, 2, and 3

System and Organization Controls (SOC) is a widely recognized standard for ensuring transparency and confidence in security posture. MacStadium is regularly audited by a third party, and we maintain SOC 1 Type 2, SOC 2 Type 2, and SOC 3 compliance. View our SOC 3 report or request our SOC 2 report.

ISO 27001, 27017, and 27018

MacStadium is independently certified by Coalfire to meet these international standards. This greatly benefits our customers by providing peace of mind and cost savings during procurement audits.  View our ISO certificates.

Data Privacy Framework

MacStadium is certified under both the EU-US and Swiss-US Data Privacy Framework. View our certification.

SOC 1 TYPE 2
SOC 2 TYPE 2
SOC 3 REPORTS

ISO/IEC 27001
ISO/IEC 27017
ISO/IEC 27018

EU-US and Swiss-US Data Privacy Framework

Orka, Orka Workspace and Orka Pulse are trademarks of MacStadium, Inc. Apple, Mac, Mac mini, Mac Pro, Mac Studio, and macOS are trademarks of Apple Inc. The names and logos of third-party products and companies shown on the website are the property of their respective owners and may also be trademarked.

Solutions

Virtualization for Mac Mac Remote Desktops Bare Metal Mac DevOps

Resources

Technical Docs Submit a Ticket Blog White papers and eBooks Videos Case Studies Contact Us

Company

About Us Data Centers Security & Compliance Media Partners Careers Terms / Privacy / Legal

©2025 MacStadium, Inc. is a U.S. corporation headquartered at 3340 Peachtree Rd NE, Suite 2330, Atlanta, GA 30326. MacStadium, Ltd. is registered in Ireland, company no. 562354.