Access control

IBM® employees do not have direct access to customer data, except as necessary for maintenance, backups, and upon customer requests for support. IBM does not monitor, evaluate, or share information entered into IBM Blueworks Live by customers.

Remote management of the Blueworks Live production servers is performed by authorized Blueworks Live operations team personnel via an encrypted VPN link. Access is logged.

There is no usage of Wi-Fi on the production data systems network of the data center where Blueworks Live is hosted. Wi-Fi technology is used in the same facility, but on a separate network from the Blueworks Live production network.

Users access Blueworks Live using an IBMid, or using an email address and a unique password, or via a SAML 2.0 integration with the customer's identity provider.

Communication with Blueworks Live – including names and passwords – is encrypted in transit via SSL. The Blueworks Live architecture includes authentication checks at the application server and database levels. Passwords stored in Blueworks Live are hashed and salted.