Protected B is one of six security levels defined by the Government of Canada (GC) for sensitive information and assets that, if compromised, could cause serious injury to an individual, organization or government.
In 2017 the Treasury Board of Canada Secretariat (TBS), which establishes GC enterprise governance, strategy, and policy for cloud services, published the Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN) that allows for Protected B data to be hosted in the public cloud as well as for third-party audits to be leveraged for control assurance, such as ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and SOC 2 Type 2).
The Canadian Centre for Cyber Security (CCCS) assesses cloud service providers (CSPs) for Protected B security controls for information processing. Assessed services are available for use by GC agencies via a GC Cloud Services Marketplace, where CSPs with a GC Protected B framework agreement are featured.
Reports and other documentation
GC Cloud Services Marketplace: IBM Cloud Services for Government of Canada (English) (French) (links reside outside ibm.com)
IBM Cloud is an approved GC cloud provider for hosting Protected B information and assets. IBM maintains Protected B/Medium Integrity/Medium Availability (PBMM) in its Toronto multizone region (MZR), as well as in its Montreal-based IBM Cloud Data Center. Services are examined by Canadian Centre for Cyber Security (CCCS) assessors on an annual basis.
Services
- Fortigate Security Appliance
- Gateway Appliance
- Hardware Firewall
- IBM Cloud Activity Tracker
- IBM Cloud App ID
- IBM Cloud Backup
- IBM Cloud Backup for VPC
- IBM Cloud Bare Metal
- IBM Cloud Block Storage
- IBM Cloud Block Storage for Virtual Private Cloud
- IBM Cloud Block Storage Snapshots for VPC
- IBM Cloud Code Engine
- IBM Cloud Continuous Delivery
- IBM Cloud Container Registry
- IBM Cloud Databases for DataStax
- IBM Cloud Databases for Elasticsearch
- IBM Cloud Databases for EnterpriseDB
- IBM Cloud Databases for etcd
- IBM Cloud Databases for MongoDB
- IBM Cloud Databases for MySQL
- IBM Cloud Databases for PostgreSQL
- IBM Cloud Databases for Redis
- IBM Cloud Direct Link
- IBM Cloud Direct Link Connect (2.0)
- IBM Cloud Direct Link Dedicated (2.0)
- IBM Cloud File Storage
- IBM Cloud Flow Logs for VPC
- IBM Cloud Functions
- IBM Cloud Hardware Security Module
- IBM Cloud Kubernetes Service and Red Hat® OpenShift® on IBM Cloud
- IBM Cloud Load Balancer
- IBM Cloud Messages for RabbitMQ
- IBM Cloud Monitoring
- IBM Cloud Object Storage
- IBM Cloud Object Storage (IaaS)
- IBM Cloud Platform - Core Services (Account Management and Billing, Console, Global Catalog, Global Search and Tagging, Identity and Access Management, and Shell)
- IBM Cloud Satellite
- IBM Cloud Secrets Manager
- IBM Cloud Security and Compliance Center
- IBM Cloud Transit Gateway
- IBM Cloud Virtual Private Cloud
- IBM Cloud Virtual Private Cloud - Load Balancer for VPC: Application Load Balancer and Network Load Balancer
- IBM Cloud Virtual Private Cloud - VPN for VPC: Site-to-Site Gateway
- IBM Cloud Virtual Private Endpoint for VPC
- IBM Cloud Virtual Servers
- IBM Cloudant Dedicated Cluster
- IBM Cloudant for IBM Cloud
- IBM Event Streams for IBM Cloud (Enterprise)
- IBM Event Streams for IBM Cloud (Standard)
- IBM Key Protect for IBM Cloud
- IBM Log Analysis
- IPSec VPN