Managing security
IBM® IoT Connected Vehicle Insights is built on the highest standards of security internally and was audited to ensure compliance specifically with ISO 27001.
IBM Security guidelines
IBM® uses a holistic approach to data security to help protect your data. Every IBM Cloud service is designed, developed, and managed according to the strict security policies and implementation guidelines of IBM, and services are provided to you under the binding commitments of the IBM Data Security and Privacy Principles. Also, see the following documents.
Security standards
The IBM IoT Connected Vehicle Insights data centers are secure and comply with the following ISO security standards:
-
ISO/IEC 27017 Cloud Security
-
ISO/IEC 27018 Cloud Privacy
-
ISO/IEC 27002 Information Security
-
ISO 27001 Information Security
IBM IoT Connected Vehicle Insights processes IBM Cloud customer data for the associated customer system and service, unless stated differently in the Agreement.
IBM IoT Connected Vehicle Insights processes a backup of the related IBM Cloud customer data at least weekly for the production instance. The backup data is encrypted and stored in a separate system from the customer dedicated environment. Backup and restoration are done through a private network with controls at the same level as the production system.
Managing access to your service
Access to the components and available APIs of IBM IoT Connected Vehicle Insights is controlled by using authorized credentials and URLs. In some instances, for example, to use the monitoring dashboard, or support portal, you need a valid IBMid that is authorized to access that resource.
The component URLs and API credentials for your service instance are specified in your customer welcome pack, which is provided when your service is provisioned. The URLs and credentials are managed by the IBM Cloud team.
Important: As an IBM Cloud customer, you are responsible for ensuring that authorized IBMids and service credentials are securely managed and regularly verified. IBM IoT Connected Vehicle Insights provides user ID management capability to IBM Cloud customers. To protect the system from unauthorized access, the IBM Cloud customer has responsibility to manage these IBMids with secure control such as registration, deregistration, variation, roles assignment, secret authentication. To prevent unauthorized access to your service, you are also responsible for contacting IBM to request that invalid, or obsolete accounts are removed. To add or revoke access to IBM IoT Connected Vehicle Insights or to report a security breech, contact the IBM Cloud team immediately. To contact the IBM Cloud team, sign in to the IBM Support Community portal and open a support request.
Mutual TLS authentication support
IBM IoT Connected Vehicle Insights supports mutual SSL/TLS client certificate authentication. For example, you can use client certificate authentication to establish secure communication between IBM IoT Connected Vehicle Insights and the devices that send car probe data.
Note: IBM IoT Connected Vehicle Insights does not act as a certificate authority and does not sign client certificates. Appropriate certificate authority certificates from the client are set up on the IBM IoT Connected Vehicle Insights servers. Contact the IBM IoT Connected Vehicle Insights support team to discuss specific details of mutual authentication design and pricing.