ISO 27001, SOC 1 and SOC 2
OVH has gained ISO 27001 certification because it complies with ISO 27002 good information security management practices and ISO 27005 standards for risk assessment and risk handling.
SOC 1 Type II certifies that OVH has clearly defined and implemented controls to protect the data of its customers. SOC 2 Type II evaluates these controls against the international standard, established by the AICPA (American Institute of Certified Public Accountants) in its principles on confidential services (Trust Services Principles).
Sections I of SOC 1 Type II report (ISAE 3402 or SSAE 16)
Sections I of SOC 2 Type II
Full report SOC 1 Type II (SSAE 16 or ISAE 3402)
Full report SOC 2 Type II
Subject to the signing of an NDA
Currently, only our datacentres in France and Canada have the above certifications, but we will soon be receiving these certifications for our datacentres in the UK, Germany and Poland.
CSA STAR self-assessment
OVH is listed in the Cloud Security Alliance's STAR registry for its Private Cloud solution. This initiative informs OVH customers that OVH's cloud computing services conform to the CSA's best practices. It also details the controls that OVH has implemented to ensure the security of information systems.
Consensus Assessments Initiative Questionnaire (CAIQ)
PCI DSS Level 1
The PCI DSS Level 1 certification (Payment Card Industry Data Security Standard) gives assurance to banks and users of online services that companies who handle confidential payment card data comply with specific security requirements.
PCI DSS security extended to all your VMs
Upon request and under certain conditions, OVH can provide documentation relating to these certifications. OVH authorises audits which are carried out by third parties in order to provide all interested parties with certification. If you use a different benchmark to ISO 27001 or SOC, you can ask OVH to complete your questionnaire.
Customised security service
Consultation service, with the option of completing a questionnaire on the security measures in the OVH datacentres.