# Trust at Asana > More than 100,000 of the world’s most innovative businesses trust Asana to securely orchestrate their work. Source: https://asana.com/trust #### Trust at Asana More than 100,000 of the world's most innovative enterprises trust Asana to keep their data safe. - [Get the white paper](https://security.asana.com/?itemUid=382f924d-54f3-43a8-a9df-c39e6c959958&source=click) - [Contact sales](/sales) #### Loved by millions of users in the largest organizations around the world. #### How Asana earns trust Benefits #### Security Data protection is key to support teams’ success, so we incorporate security into our product and operations. - [Learn more](#security) #### Reliability We invest in our infrastructure to support deployments of 100 or 100,000 and beyond. - [Learn more](#reliability) #### Privacy We're committed to protecting your privacy through our product, infrastructure, and data governance. - [Learn more](#privacy) #### Compliance We adhere to global, regional, and industry regulations to help you meet compliance standards. - [Learn more](#compliance) #### Protect your work Security Asana takes a security-by-design approach to protecting your data. We build our platform using best practices for highly available, scalable, and secure cloud applications. #### Security infrastructure Asana’s infrastructure is designed with layers of protection to help ensure your data is secure while transmitted, stored, or processed. Protections include encryption, least privilege access, secure software development, and a [public bug bounty program](https://bugcrowd.com/asana). #### Operational security Our information security team continuously implements new security controls and monitors Asana for malicious activity across physical data centers, networks, and IT devices. #### Product security Asana provides a robust set of in-product data protection and [admin controls](/guide/help/premium/admin-console#gl-security) for greater visibility and control over your data. Enterprise admins can securely deploy Asana to their organizations with [two-factor authentication](https://help.asana.com/hc/en-us/articles/14074927390619-Mandatory-two-factor-authentication), [SSO](https://help.asana.com/hc/en-us/articles/14109494654875-Admon-console#gl-sso), [SAML 2.0](https://help.asana.com/hc/en-us/articles/14109494654875-Admon-console#gl-saml), and data controls for the mobile app. #### Now Available: Data Loss Prevention, Archiving, eDiscovery integrations Increase data protection and help meet your organization's most critical compliance needs. Get alerts when sensitive data is added to Asana, pull data into your archiving solution, and extract data for litigation and investigations. - [Learn more](https://help.asana.com/s/article/audit-suite-api-and-integration-support?language=en_US#gl-dlp) - [Learn more](https://help.asana.com/s/article/audit-suite-api-and-integration-support?language=en_US#gl-dlp) #### Monitor your system Reliability #### Uptime and availability Asana offers 24/7 priority support and a 99.9% uptime commitment to Enterprise customers, and provides transparency into real-time and historical [platform status](https://status.asana.com/). #### Business continuity Asana’s infrastructure investments provide daily backups, regional backups, and [recovery procedures](/guide/help/faq/security) for restoring services in the event of unavoidable failures. #### Protect what matters Privacy We have a comprehensive privacy compliance program that aligns our practices with regulations such as the General Data Protection Regulation and California Consumer Privacy Act. #### Privacy controls Asana provides in-product [admin controls](/guide/help/premium/admin-console), both user and object-level permissions, and the ability to define which third-party applications are accessible to your team. #### Data governance Asana allows customers to export and delete data at the organization level and automate full-domain exports through our [API](/guide/help/api/api). #### Data residency Asana offers global data residency options with data centers in [Europe](https://blog.asana.com/2019/12/eu-data-center/), [Australia](https://asana.com/guide/help/faq/australian-data-center?utm_source=smarp&utm_medium=social&utm_campaign=AusData) and [Japan](https://forum.asana.com/t/japan-data-center-is-now-live/240661) so customers have more control over where their data is stored. #### Enterprise Key Management Gain more control over your data and help meet your organization’s most critical compliance needs by using your own [encryption key](https://help.asana.com/hc/en-us/articles/14101076971803) on your Asana data. #### Certifications and attestations COMPLIANCE #### SOC 2 (Type 2) Security, availability, confidentiality, and privacy trust services criteria - [Read documentation](https://security.asana.com/?itemUid=7bfa66da-33ab-49de-8391-e329738a1ae9&source=title) #### SOC 3 Overview of Service Organization Controls - [Read documentation](https://security.asana.com/?itemUid=b2671060-5c66-4d9c-b70f-af4ab3dbd45a&source=title) #### GDPR Data protection and data subject rights for EU residents - [Read documentation](https://asana.com/terms#privacy-commitment) #### US State Privacy Laws Compliant with relevant US state privacy laws in California, Colorado, Virginia, and more - [Read documentation](https://asana.com/terms#privacy-commitment) #### ISO/IEC 27001:2022 Global standard for information security management systems - [Read documentation](https://security.asana.com/?itemUid=1fed9faa-4a87-427c-9a95-96b4d6bf66b7&source=click) #### ISO/IEC 27017:2015 Code of practice for information security controls for cloud services - [Read documentation](https://security.asana.com/?itemUid=0c1fdf36-c946-4670-9354-8fa3e4260ab1&source=title) #### ISO/IEC 27018:2019 Code of practice for protecting personally identifiable information (PII) - [Read documentation](https://security.asana.com/?itemUid=d9cdeb36-7f27-4904-962f-d39c6d32384a&source=title) #### ISO/IEC 27701:2019 Privacy information management standard supporting compliance with global privacy laws - [Read documentation](https://security.asana.com/?itemUid=dc79cbc7-c99d-4eb9-891e-f5dc44b943d7&source=title) #### CSA STAR Level 1 Cloud security controls compliance self-assessment - [Read documentation](https://cloudsecurityalliance.org/star/registry/asana-inc/services/asana/) #### HIPAA Protection of patient health information in the United States - [Read documentation](https://security.asana.com/?itemUid=aec41c33-0f3a-4030-ac59-49adfd4a975b&source=click) #### GLBA Privacy Rule and Safeguards Rule for financial institutions - [Read documentation](/terms#privacy-commitment) #### FERPA Privacy rights for educational information and records - [Read documentation](/terms#privacy-commitment) #### APPI and other global privacy laws Protection of the personal information for residents of Japan and other relevant global privacy laws - [Read documentation](/terms#privacy-commitment) #### More on Asana security - [Get the white paper](https://security.asana.com/?itemUid=c6baf16e-0c50-44c4-accb-ff002acb78dd&source=search) - [Contact sales](/sales) *Accurate as of December 2023, includes free and paid users.