Friday, February 3, 2017

Security and Compliance for IBM dashDB and Cloudant

Database Security and Compliance
Database Security & Compliance
I often get asked about the security features of IBM dashDB and Cloudant. Both are database services ("DBaaS") offered on IBM Bluemix. Once the security topic is dealt with, compliance-related questions are next. A good chunk of questions can be answered by going over the provided product documentation. Here are the links to get you started on database security and compliance.


Security and Compliance Documentation

Both dashDB and Cloudant are listed on the security and compliance page for Bluemix as having the ISO 27001 and SOC 2 certifications. Also, the basic concepts of securing data-at-rest (data stored on disk), data-in-transit (data transmitted over the network) and data-in-use (data currently processed in memory) are explained. Overview information for data protection is also provided in the guide to Securing Workloads on IBM Cloud. Bluemix also provides a Trust Center on its product portal. But that is just general information. For specifics we have to visit the product-related documentation.

For the Cloudant database-as-as-service there is information on the Bluemix documentation site as well as on the Cloudant site:
For dashDB similar information can be found again on the Bluemix documentation site as well as in the Knowledge Center for dashDB:
I hope that the provided links help to answer your general questions on Cloudant and dashDB security and compliance topics, two of the DBaaS offerings on IBM Bluemix.