Trust and Security at Qlik

Empowering organizations with solutions they can trust

Qlik’s solutions are designed to ensure high performing, highly available global environments through which you can safely and securely integrate your data, analyze your data and share insights. Whether you’re using our cloud service, deploying Qlik yourself or using a hybrid approach, we offer a world-class architecture and experience designed to confidently meet your security, compliance, and privacy needs.

Cyberspace Capabilities Centers Logo

Security

Security at Qlik is embedded across the company and an integral part of how Qlik develops software. It is designed to cover all facets of security disciplines within the company from software development to SaaS operations to corporate information technology security.

Qlik incorporates leading security technologies and modern open standards to provide users with the confidence that their data and analyses are secure. Additionally, Qlik Cloud and its operating infrastructure provide security using a number of methods.

  • Secure Software Development Lifecycle

    Qlik’s development model follows an adapted implementation of the Scaled Agile Framework (SAFe) and industry best practices for quality assurance. Qlik’s Software Security Office incorporates regular static code analysis, threat modelling, third-party vulnerability scanning, and pen-testing into Qlik’s software development process.

  • Vulnerability Management

    For security-related incidents, Qlik follows a Responsible Disclosure approach for any vulnerability that rates as High or Critical by our Software Security Office. This approach includes publishing Security Bulletins to our customer and partner portals, collaborating with the reporter of the vulnerability if applicable, creating software fixes as soon as possible, and/or providing mitigation until fixed.

  • Secure Operations

    Qlik proactively monitors production environments to identify and resolve any vulnerabilities that could compromise data security. Qlik works with independent third parties who perform vulnerability assessments against the infrastructure, platform and applications that make up Qlik’s product portfolio.

  • Approvals

    Qlik Sense® Enterprise is listed on the Cyberspace Capabilities Center’s (formerly Air Force Network Integration Center) Evaluated Products List. Qlik Sense Enterprise has approvals to operate (ATO) with the Army, Navy, Air Force and Marine Corps and Defense Agencies.

Certifications and Accreditations

  • FedRAMP

    FedRAMP

    Qlik has successfully achieved the Federal Risk and Authorization Management Program’s (FedRAMP) Authority to Operate (ATO) at the FedRAMP Moderate Impact Level (IL) and Department of Defense IL2, providing security and compliance for the US Public Sector.

    FedRAMP Marketplace

  • HIPAA

    Qlik has successfully completed a SOC 2 Type 2 + HITRUST CSF Attestation which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls relative to the protection of Personal Health Information and US HIPAA Regulatory requirements. The HITRUST Common Security Framework is a widely adopted security and privacy framework in the Healthcare industry. Qlik's compliance to the framework is tested via a rigorous examination by an independent Accounting firm to the HITRUST CSF criteria.
  • ISO 27001 Logo

    ISO 27001

    Qlik meets the standards of ISO 27001, an information management security specification for information management systems (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization's information risk management processes.
  • AICPA SOC Logo

    SOC 1

    Qlik has successfully completed a SOC 1 Type 2 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls, reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting. SOC 1 is a rigorous examination by an independent Accounting firm based on AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.
  • AICPA SOC Logo

    SOC 2

    Qlik has successfully completed a SOC 2 Type 2 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC 2 is a rigorous examination by an independent Accounting firm based on AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.
  • AICPA SOC Logo

    SOC 3

    Qlik has successfully completed a SOC 3 assessment which provides an evaluation on the suitability of the design and operating effectiveness of Qlik's internal controls. SOC 3 is a rigorous examination by an independent Accounting firm based on AICPA Trust Services Principles and Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.
  • TISAX

    TISAX

    Qlik has completed the Trust Information Security Assessment Exchange (TISAX) assessment. This standard provides the European automotive industry a consistent, standardized approach to information security systems.

Check operational uptimes across all of our global regions.

Privacy

Data is one of your business’s most critical assets, which is why we treat it with the utmost care. Through security- and privacy-by-design development processes, Qlik ensures our solutions align with the latest data protection and privacy laws around the world, such as GDPR.

ADA Site Compliance Logo

Accessibility

Qlik is committed to making our data and analytics platform available to everyone, with a world-class experience for users of all abilities. Ongoing product updates and new features enable users to consume data and visualizations.

Have questions related to security at Qlik?