Security and Certifications

We are fully focused on security, at all levels of our organization and our infrastructure.

Security provides support against increasingly sophisticated and dangerous global threats.
It is a high priority in all our data centers and processes, and for all our customers worldwide. This high level of security is the result of our team of experts combining with cutting-edge automation based on artificial intelligence. We build this security on three firm foundations:

Expertise

Our team is constantly analyzing and processing any information and alerts, ensuring we always remain active and reactive, whatever the alerts and threats that may affect our infrastructure or our customers.

Resilience

For 20 years, we have dealt with threats through constant innovation. Hardware and software protection, such as OVHcloud Anti-DDoS, is included as standard with all products.

End-to-end

Security is much more than just an IT issue. It is an end-to-end value chain protecting the customer, protecting the OVHcloud infrastructure, and securing the path between the two.

OVHcloud Security commitments

We are committed to ensuring security in the cloud. To this end, we take a large-scale industrial approach to security, ensure that we are a trusted player in the ecosystem, and operate a trusted cloud.

Focusing on security

As well as doing everything we can to keep data safe, we also place a big emphasis on ensuring our network is highly secure. The network plays a key role in delivering high security to our customers.

We have 21 years of experience in networking, including eight years of experience growing and innovating in anti-DDoS solutions, and carefully selecting partners for backbone building.

We are able to correlate technical data across all our product ranges to produce the most efficient protection.
We keep focusing on higher network protection against cyber attacks, for example by releasing in 2020 a scalable software-defined advanced anti-DDoS solution.
This enables future enhancements such as Anti-DDoS as a Service, by embedding the protection system into Virtual Network Functions (VNFs), providing on-demand, highly available, highly scalable protection systems.

1.

Our own high-quality global network, committed to the highest security standards.

2.

NSX and vRack Secure your platform with micro-segmentation of private L2 that spans global data centers.

3.

SSL Gateway Service: up to 10,000 concurrent connections. Optional Anycast DNS service.

4.

Highest compliance and certification standards. - Anti-DDoS: highly resilient Layer 4-7 DDoS protection built into the network

Certifications

Our security is regularly assessed and certified:

Focusing on resilience

We guarantee the resilience of our infrastructures according to the standards of the cloud industry:

All our power sources are redundant

Two separate sources of energy power all of our data centers. Generators (with an autonomy of 24 to 48 hours) are deployed at all our sites to take over in case of failure of the main energy sources or failure of redundancy. To start the generators, UPS systems provide uninterruptible power supply.

Our entire network ensures continuous QoS

The network access of all our data centers is based on the deployment of a fully redundant proprietary global network. Two separate network flows connect each data center to this global network.

Fire detection and extinction

By detecting fire at the earliest stage, the high-end systems deployed in our data centers meet the needs of the most strategic and critical infrastructures. In all our data centers, qualified employees to carry out fire extinguishing are present 24/24, 7/7.

Monitoring and surveillance

Our detection systems are integrated into the global monitoring system of our data centers. A dedicated security team is therefore present in each of our data centers, supported by an HSE (Hygiene Safety Environment) team, made up of engineers and senior technicians, who guarantee compliance with the regulations applicable to our industrial activities and standards. international organizations in the field of health, safety at work and the environment.

SecNumCloud Qualification

The SecNumCloud qualification stands as the highest standard of security and data protection against advanced cyberattacks for clients in need of a trusted cloud. It is delivered by the French Cybersecurity Agency (ANSSI).

With a total of over 80 customers using OVHcloud SecNumCloud qualified Private Cloud solutions, the Group is in a unique position to help organisations and institutions alike in modernizing their IT in compliance with the Cloud at the Center doctrine. Established in 2021 and specified in the summer 2023, France’s Cloud at the Center strategy requires that administrations perform hosting of personal data as well as sensitive data on a SecNumCloud qualified Cloud.

Since 2021, OVHcloud Private Cloud solutions have the SecNumCloud label delivered by the French Cybersecurity Agency (ANSSI). Recently, we renewed our SecNumCloud 3.2 qualification, proving that our Private Cloud offering fulfills the highest standards of security in Europe.

Addressing growing demand for trusted services protecting data from threats, cyber risks and extra-territorial regulations, shaping the future of the Trusted Cloud, OVHcloud’s SecNumCloud services are now hosted in 3 datacentres in France: Roubaix, Gravelines and Strasbourg.