About IBM Cloud compliance programs

IBM Cloud™ is designed for organizations that want a cloud environment that’s security-rich, open, hybrid, multicloud and manageable.

IBM Cloud compliance and trust certifications reaffirm IBM's commitment to protection of customer data and applications. Designed with secure engineering practices, the IBM Cloud platform features layered security controls across network and infrastructure. Basic security services are included; advanced services are available as options for high-security environments.

These compliance programs and services include IBM Cloud infrastructure and IBM Cloud Platform-as-a-Service (PaaS) offerings:

Global US Federal Government Industry Regional
CSA STAR CJIS FFIEC BaFin (Germany)
ISO 9001 DoD DISA FISC (Japan) C5 (Germany)
ISO 22301 FedRAMP HIPAA EBA (EU)
ISO 27001 FFIEC HITRUST ENISA IAF (EU)
ISO 27017 FISMA ITAR ENS (Spain)
ISO 27018 ITAR PCI EU Model Clauses
ISO 31000     EU-US Privacy Shield
SOC 1     FERPA (US)
SOC 2     G-Cloud (UK)
SOC 3     GDPR (EU)
      HDS (France)
      IRAP (Australia)
      IT-Grundschutz (Germany)
      MTCS (Singapore)
      My Number Act (Japan)
      NIS Directive (EU)

 

Resources

Protecting your cloud

Hackers seek out vulnerable cloud targets, and gaps in security can put your organization at risk. Get continuous edge-to-cloud security capabilities for your most valuable assets.

The importance of data’s physical location

Data’s location plays a huge role in how quickly and reliably it can be accessed by users. Learn how a global network foundation minimizes latency and strengthens security.