Privacy & Compliance

Certifications, Regulations and Standards

Our dedicated Information Security and Privacy teams are responsible for maintaining McAfee's compliance with a variety of laws, standards, and frameworks, including:

DoD Impact Level (IL2)
Cloud computing security requirements for the US Department of Defense for Impact Level 2
U.S. government program providing a standard approach to security, authorization and monitoring
European Union General Data Protection Regulation (GDPR)
ISO 27001
Information technology - Security techniques - Information Security Management Systems - Requirements
ISO 27701
Information Technology - Security techniques - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management - Requirements and guidelines
ISO 27017
Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services
ISO 27018
Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
PCI DSS v3.2.1 - PCI Data Security Standard Requirements and Security Assessment Procedures
Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five "trust service principles": security, availability, processing integrity, confidentiality and privacy
TISAX (Trusted Information Security Assessment Exchange) certification enables mutual acceptance of Information Security Assessments in the automotive industry
CSA Security Trust Assurance and Risk (STAR)
The Cloud Security Alliance Security Trust Assurance and Risk (STAR) Program encompasses key principles of transparency, rigorous auditing, and harmonization of standards
Transparency Reports
McAfee is committed to publishing data regarding requests or demands for customer data received from law enforcement and national security agencies
