IBM Cloud Docs
Your responsibilities when using IBM Cloud Object Storage

Your responsibilities when using IBM Cloud Object Storage

Learn about the management responsibilities and terms and conditions that you have when you use IBM Cloud® Object Storage. For overall terms of use, see Cloud Services terms.

Operational responsibilities

IBM responsibilities

  • Maintaining SLAs as stated in IBM Cloud Object Storage Service Description.
  • Ensure client gets appropriate notifications regarding availability and downtime of its resources.
  • Monitor service performance related metrics such as network, storage, and compute capacities.
  • Monitor and manage service health and availability.

Your responsibilities

  • Ensuring data back-ups if necessary.
  • Mitigating potential accidental deletion of data. If applicable the client should store archive data in buckets configured with a data retention policy to help address data loss due to accidental deletion. IBM is unable to “un-delete” data.
  • Monitor and manage non-IBM network resources to ensure appropriate access to IBM Cloud service endpoints including capacity and availability.
  • Provisioning Object Storage buckets with the appropriate resiliency option, storage class, data locality, and optional configurations necessary for the specific workload and use case.

Managing infrastructure and the cloud environment

IBM responsibilities

  • Deployment, provisioning, managing IBM Cloud Object Storage resources offered to clients.
  • Ensuring availability of adequate resources to allow for scaling of client resources for client usage requirements.
  • All physical and environmental controls.

Your responsibilities

  • Ensure proper network access and capacity is available and can reach the designated Object Storage service endpoints. (private or public).
  • Ensure applications can interact with the COS S3 API either via native support or with the addition of a hardware or software gateway solution.

Security

IBM responsibilities

  • Security and monitoring of the environment of IBM data center security guidelines.
  • Encrypting client data when at-rest and in-transit between different IBM Cloud data center locations as part of resiliency options offered to clients.
  • Continuous monitoring of resources to check for vulnerabilities and security breaches.

Your responsibilities

  • Client controls access to IBM Cloud Object Storage provisioned resources and is responsible for ensuring access to client data is only provided to appropriate resources within the client organization.
  • After retrieving data from IBM hosted Object Storage, client takes full responsibility to ensure the security and privacy of any local copies maintained.
  • If applicable, manage customer provided encryption keys via S3 API or through IBM hosted key management services.
  • Scanning of user data for viruses, malware, etc prior to uploading objects to the IBM Storage platform.

Compliance

IBM responsibilities

  • IBM Cloud Object Storage to maintain controls commensurate with the compliance certifications/attestations as stated in official data sheets.

Your responsibilities

  • Client responsibility to ensure and seek appropriate legal guidance in order to validate its compliance with pertinent industry compliance certifications and regulations.
  • Client to ensure its use of Object Storage resources are inline with the terms and conditions set forth in the IBM Cloud Service Description and any other associated transaction documents.