Protect your expertise and assets.

Security is one of the top concerns among organisations looking to move their workloads to the cloud. The IBM SmartCloud is designed to offer a safe environment populated with an array of security features.

IBM has obtained an SOC 1 report, which ensures that IBM SmartCloud Enterprise has appropriate controls to safeguard consumer data and that controls are operating effectively.

The SOC 1 audit was completed by PricewaterhouseCoopers (PwC) for the testing period of June 1, 2012 – November 30, 2012. All six IBM SmartCloud Enterprise data centers were included in the assessment: Raleigh, North Carolina, USA; Boulder, Colorado, USA; Toronto, Ontario, Canada; Ehnigen, Germany; Makuhari, Japan; Singapore, Singapore.

The scope of the assessment included physical security and environmental controls, change management, problem management, computer operations, and logical security.

To further enhance our security standards and the protection offered to our customers, IBM has completed the necessary steps to earn ISO 27001 Certification. The ISO (International Organisation for Standardisation) 27001 standard provides a framework to ensure that the certified organisation addresses security needs for its customers.

The certification from Bureau Veritas was attained for all IBM SmartCloud Services data centers. Customers in all centers now benefit from:

• Secure Shield Internet connectivity
• Additional firewall and intrusion protection
• New distributed denial of service protection
• New Botnet protection
• Updates to hypervisor and additional level of isolation

IBM has obtained certificates to the ISO 27001 standard by country and/or business unit. To review the entire list, please visit the IBM ISO 27001 web site (US).

Virtual infrastructure

• Firewall and IPS/IDS between guest virtual machines (VMs) and the Internet
• IP-filtering Technology and multiple IP addresses per instance for enabling security zones
• Optional virtual private network (VPN) and virtual local area network (VLAN) isolation of account instances
• Encrypted connections—IBM is isolated from customer VMs through customer secure shell (SSH) keys and server passwords
• Hypervisor-based (Kernel-based Virtual Machine) isolation with client-configurable firewall rules
• Public images patched and scanned regularly
• Patch servers for private images
• Root access for customers to guest virtual machines, allowing further hardening of VMs
• No sharing of private images between accounts on the cloud

Management infrastructure

• Access to the infrastructure through the portal and applications programming interfaces (APIs) requires an ID and password
• Compliant with IBM’s stringent security policies, including regular security scans

Delivery centres

• The IBM SmartCloud is delivered out of these certified IBM data centres:
  • Raleigh, North Carolina, USA
  • Boulder, Colorado, USA
  • Toronto, Ontario, Canada
  • Ehningen, Germany
  • Makuhari, Japan
  • Singapore
• Physical security is the same as for IBM internal data centres
• Clients choose which delivery centres will house their servers and associated data storage

Videos

• Connecting to an instance using SSH
• Establishing a Virtual LAN
• Setting up the firewalls

Talk to an expert

• 

  Adrian Mcgrogan

  UK - Tel: +44 2392 289 083

• 

  David Barry

  UK - Tel: +44 2392 289 083

Go deeper

• Try the SmartCloud simulator
• Estimate your costs
• Getting started: Steps to a productive experience on the IBM cloud
• How to upload and download files from a Windows instance
• How to install the IIS web server on Windows 2008 R2
• High availability apps in the IBM cloud
• Cognos cloud best practices