|Database Security & Compliance|
Security and Compliance DocumentationBoth dashDB and Cloudant are listed on the security and compliance page for Bluemix as having the ISO 27001 and SOC 2 certifications. Also, the basic concepts of securing data-at-rest (data stored on disk), data-in-transit (data transmitted over the network) and data-in-use (data currently processed in memory) are explained. Overview information for data protection is also provided in the guide to Securing Workloads on IBM Cloud. Bluemix also provides a Trust Center on its product portal. But that is just general information. For specifics we have to visit the product-related documentation.
For the Cloudant database-as-as-service there is information on the Bluemix documentation site as well as on the Cloudant site:
- General Cloudant Overview offered by Bluemix documentation
- The security concepts and details can be found on the Cloudant DBaaS Data Protection & Security page at Cloudant.
- The page Cloudant Security Compliance provide an overview and more information on the ISO 27001 and SOC 2 certifications as well as on HIPAA, a certification for the health insurance industry.
- An overview of dashDB along with resource links is offered by the Bluemix documentation
- In the Knowledge Center is an overview page for the IBM dashDB security and compliance topics
- The Security Compliances for dashDB Managed Service lists details on the ISO 27001, SOC 2 and HIPAA certifications and which service plans have been certified.
- Some details regarding encrypted data-at-rest for both the data stored in the database and in backups is in the overview of dashDB Managed Service.