Data security and compliance
App Configuration service has data security strategies in place to meet your compliance needs and ensure that your data remains secure and protected in the cloud.
Security readiness
App Configuration ensures security readiness by adhering to IBM best practices for systems, networking, and secure engineering.
To learn more about security controls across IBM Cloud, see How do I know that my data is safe?.
To learn more about how your data is secured in App Configuration, see securing your data in App Configuration.
Data encryption
Access to App Configuration takes place over HTTPS and uses Transport Layer Security (TLS) to encrypt data in transit.
For more information on supported TLS ciphers, see TLS cipher support.
If you attempt to use a cipher that is not on this list, you may experience connectivity issues. Update your client to use one of the supported ciphers. If you are using openssl, you can use the command openssl ciphers -v at the command line (or, for some installations of openssl, use the -s -v options) to show a verbose list of what ciphers your client supports.
Compliance readiness
App Configuration meets controls for global, industry, and regional compliance standards, including ISO 27001/27017/27018/27701, FS Cloud internal validated, C5 and others.
For a complete listing of IBM Cloud compliance certifications, see Compliance on the IBM Cloud.
ISO 27001, 27017, 27018, 27701, SOC 2, FS Cloud internal validated and C5
App Configuration is ISO 27001, 27017, 27018, 27701, FS Cloud internal validated and C5 certified. You can view compliance certifications by visiting Compliance on the IBM Cloud.
Secrets management
By integrating App Configuration with Secrets Manager, you can store your secrets securely in Secrets Manager and use the secrets in your application through App Configuration. App Configuration stores metadata of Secrets Manager instance instead of storing the secrets. This metadata is called as a secret reference as part of the Properties type in App Configuration.