IBM Cloud Docs
Data security and encryption

Data security and encryption

IBM® Netezza® Performance Server for IBM Cloud Pak® for Data as a Service has security built into its architecture.

The following methods are used to secure your connection and data:

  • All the connections to the database server are TLS 1.2 connections.

  • NPSaaS supports the following suites of Cipher with 2048 bit RSA key size for TLS communication:

    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • User data is stored on secure reliable storage (as a service) from the cloud providers. For Azure, Azure Premium disks.
    For AWS, Amazon Elastic Block Store (EBS).

  • The data is encrypted at rest by using cloud provider key management service.

  • Snapshots are stored on Cloud Object Storage (COS), which is replicated across AZs in the region in which it was created and are encrypted at rest and in transit.

Data deletion

When you delete an instance, all the data and snapshots associated with the instance are deleted immediately.