Protecting your work and information is our highest priority. Here are some of the measures we take to ensure Figma is secure for you and your team.
To keep all your work secure, Figma encrypts data at rest and in transit. While our services are hosted in US-based AWS facilities, servers live within Figma's own VPCs to prevent unauthorized network requests.
Easily manage access with any identity provider that supports SAML and SCIM, including Azure AD, Okta, OneLogin, and more. And use SAML SSO, 2FA, and domain capture to securely deploy Figma across your entire organization.
To keep you up and running 24/7/365, Figma's infrastructure is backed by three data centers to protect service availability. You'll also have peace of mind with real-time status updates and Figma's built-in version history.
Our security measures exceed industry standards for data protection and security.
Trust Services Principles
Service Organization Controls
Global standard for information security management systems
Global standard that focuses on protection of personal data in the cloud
Certification for cloud provider security and privacy controls
For peace of mind, additional security and privacy compliance documentation is available via request.
Figma is dedicated to ensuring that all customer and employee personal data is treated in accordance with the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Figma is committed to keeping your information secure and private. Your content is important to you and we take the responsibility of protecting it seriously. We’ve defined roles and responsibilities in our Shared responsibility security model to help you understand your responsibilities.