Yes, cloud can be more secure than your own data center
Organizations like yours, large and small, are relying on a cloud that is designed to be secure, protected and aligned with key standards.
As these companies become more digital, cloud is helping them transform - securely. They are using encryption, monitoring for vulnerabilities and deploying a wide range of security practices to drive confidence and stay protected.
Our services are designed to protect your proprietary content and data.
Access to client data, including any personal data, is allowed only by authorized personnel in accordance with principles of segregation of duties, strictly controlled under identity and access management policies, and monitored in accordance with IBM’s internal privileged user monitoring and auditing program.
Access to your data is only granted as necessary to deliver services and support to you (i.e., least required privilege).
We are choosing strategically to align with many industry and country requirements, while continuously monitoring regulatory environments for new requirements.
IBM has a common set of security standards across the IBM Cloud portfolio. We regularly review them against commonly accepted industry standards and regulation. Each offering is aligned with specific standards – see the offering terms for more information.
FISMA and FedRAMP
Cloud Security Alliance STAR
Many of our cloud services are self-certified under Safe Harbor (U.S.-EU & U.S.-Switzerland). Note Regarding Safe Harbor: On October 6, 2015, the EU Courts invalidated the Safe Harbor program. For more information: IBM Statement on Safe Harbor Ruling. IBM intends to make use of the robust Privacy Shield framework for Transatlantic data flows.
Our internal Information Security Management System (ISMS) supports teams in managing compliance within the superset of requirements from multiple regulatory regimes
Prior to completion of transition and integration, offerings from recent acquisitions may have different practices than those described above. The statements above may be altered as required by law or regulation.
IBM Cloud Applications: Building Security and Privacy with IBM SaaS
IBM security and privacy experts discuss IBM's security leadership and how IBM Cloud applications are protected by its security-driven culture.