Responsibilities for operating services in your deployment

In IBM Cloud, the responsibilities for deploying, operating, and securing products are shared between IBM and you, the application provider. It is important for you to understand these responsibilities for every IBM Cloud service you've deployed as part of the reference architectures.

Depending on the product, the responsibility for the following types of tasks (which span activities for Day 0, Day 1, and Day 2) can be exclusive to IBM, you, or shared. The tasks for each type of product are grouped in the following categories, which cut across nearly all of the IBM Cloud Framework for Financial Services's best practices and requirements.

Incident and operations management: Includes tasks such as monitoring, event management, high availability, problem determination, recovery, and full state backup and recovery.
Change management: Includes tasks such as deployment, configuration, upgrades, patching, configuration changes, and deletion.
Identity and access management: Includes tasks such as authentication, authorization, access control policies, and approving, granting, and revoking access.
Security and regulation compliance: Includes tasks such as security controls implementation and compliance certification.
Disaster recovery: Includes tasks such as providing dependencies on disaster recovery sites, provision disaster recovery environments, data and configuration backup, replicating data and configuration to the disaster recovery environment, and failover on disaster events.

For more information, see Shared responsibilities for using IBM Cloud products.

The following table provides references that describe your responsibilities for each Financial Services Validated service in the reference architecture.

Table 1. Your responsibilities for IBM Cloud services in the reference architectures
Category	VPC reference architecture	Satellite reference architecture	Optional for both
Core	VPC infrastructure services ^[1]	Satellite
Containers	Red Hat OpenShift on IBM Cloud Container Registry ^[2]	Red Hat OpenShift on IBM Cloud ^[3] Container Registry
Networking	VPC infrastructure services Direct Link Transit Gateway
Storage	Block Storage for VPC Object Storage	Object Storage
Security	Hyper Protect Crypto Services	Hyper Protect Crypto Services	App ID ^[4]
Logging and monitoring	Activity Tracker Event Routing Security and Compliance Center Flow Logs for VPC	Activity Tracker Event Routing Security and Compliance Center
Integration			Event Streams

Includes VPC, Dedicated hosts for VPC, Auto Scale for VPC, Application Load Balancer for VPC, VPN for VPC, DNS Services, and VPE for VPC. ↩︎
There is not a specific shared responsibility article for Container Registry. ↩︎
Satellite-enabled service which runs in your Satellite location. ↩︎
There is not a specific shared responsibility article for App ID. ↩︎

Responsibilities for operating services in your deployment

Responsibilities for Financial Services Validated services