Service integrity and availability

The IBM® Blueworks Live change management process governs modifications to operating system resources (OSRs) and application software.

The Blueworks Live servers use a stateful firewall that is configured to block incoming traffic on ports other than 80 or 443 (HTTP and HTTPS). Port 80 is automatically redirected to port 443. The Blueworks Livechange management process governs changes to firewall rules.

Blueworks Live operations team periodically monitors and analyzes firewall logs for suspicious behavior or unauthorized access. IBM performs regular vulnerability scans. A third party performs vulnerability assessments.

An intrusion detection system is used to protect the Blueworks Live service from malicious attacks. Antivirus software runs continuously, and virus definitions are evaluated and updated regularly.

Blueworks Live uses Secure Socket Layer (TLS 1.2) technology, which provides both server authentication and data encryption.

All data disks that are used by Blueworks Live are encrypted to ensure data security and integrity.

Blueworks Live production servers use Red Hat® Enterprise Linux®. Operating system user accounts are unique and associated with specific members of the Blueworks Live operations team. Users, protocols, and processes that are identified as unnecessary for Blueworks Live operation are disabled.

A full backup is taken once per day, encrypted, signed, and stored at an offsite facility.

Blueworks Live has emergency response plans in place and tests them annually.