Figma helps teams brainstorm, design and build better products – from start to finish, and always with security in mind. You can trust Figma – and our dedicated security team – to keep your data safe with enterprise-grade security features, compliance audits, privacy protections and all the capabilities of a fully on-demand, cloud environment.
Figma’s infrastructure is cloud-native, which means our security team can take advantage of the unparalleled scale and flexibility of the cloud. By building on top of trusted cloud vendors, Figma users benefit from the combination of an enterprise-grade network architected to protect their information and the deep expertise of Figma’s dedicated security team that is engineering-focused and always on.
Here are other measures we take to ensure Figma is secure for you and your team.
To keep all your work secure, Figma encrypts data at rest and in transit. While our services are hosted in US-based AWS facilities, servers live within Figma's own VPCs to prevent unauthorized network requests.
Easily manage access with any identity provider that supports SAML and SCIM, including Azure AD, Okta, OneLogin, and more. And use SAML SSO, 2FA, and domain capture to securely deploy Figma across your entire organization.
To keep you up and running 24/7/365, Figma's infrastructure is backed by three data centers to protect service availability. You'll also have peace of mind with real-time status updates and Figma's built-in version history.
Our security measures exceed industry standards for data protection and security.
Trust Services Principles
Service Organization Controls
Certification for cloud provider security and privacy controls
Global standard for information security management systems
Global standard that focuses on protection of personal data in the cloud
Certification for cloud provider data privacy and protection
For peace of mind, additional security and privacy compliance documentation is available via request.
Figma is dedicated to ensuring that all customer and employee personal data is treated in accordance with the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
Figma is committed to keeping your information secure and private. Your content is important to you and we take the responsibility of protecting it seriously. We’ve defined roles and responsibilities in our Shared responsibility security model to help you understand your responsibilities.
Learn about how the Figma security team helps us ship products securely, without impacting the pace of development. Our approach to security at speed.
Data is a vital component in how we improve Figma day by day. Learn more about what kind of data we use and how we use it.