Overview
IBM® Netezza® Performance Server for IBM Cloud Pak® for Data as a Service ensures that your data is secured and protected by adhering to the following security and compliance standards.
Secure access control
Authentication
Both public and private NPSaaS endpoints are accessed through an HTTPS API. Where the API endpoint requires it, the user is authenticated for every HTTPS request that NPSaaS receives.
Encryption
When transmitted, content is encrypted on any public networks by using TLS 1.2 or later.
For more information, see Data security and encryption.
At rest, content is encrypted within the Cloud Data Center in the following ways:
- On AWS, by using the 256-bit AES data encryption (industry standard).
- On Azure, by using the 256-bit AES data encryption that is compliant with FIPS 140-2.
ISO 27017, ISO 27018
NPSaaS conforms to the security controls and technical and organizational measures (TOMs) that are defined in the following documents:
For more information, see the IBM Compliance Support page.
HIPAA
NPSaaS implemented the necessary controls commensurate with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security and Privacy Rule requirements. The controls include appropriate administrative, physical, and technical safeguards that are required of business associates in 45 CFR Part 160 and Subparts A and C of Part 164.