Certifications

OVH guarantees that your Private Cloud complies with ISO/IEC 27001:2013 certification, SOC 1 Type II (SSAE 16 and ISAE 3401) and SOC 2 Type II international certifications and PCI DSS level 1 certification.

ISO 27001, SOC 1 and SOC 2

OVH complies with ISO 27002 to ensure good information security management practices and ISO 27005 standards for risk assessment and risk handling.

SOC 1 Type II certifies that OVH has clearly defined and implemented controls to protect the data of its customers. SOC 2 Type II evaluates these controls against the international standard, established by the AICPA (American Institute of Certified Public Accountants) in its principles on confidential services (Trust Services Principles).

Public documents

ISO certificate

Sections I of SOC 1 Type II report (ISAE 3402 or SSAE 16)

Sections I of SOC 2 Type II

Free


ISO service

ISMS Scope and Perimeter

Public Statement of Applicability

Audit report (English)

$700

Subject to the signing of a NDA


SOC service

Full report on SOC 1 Type II (SSAE 16 or ISAE 3402)

Full report on SOC 2 Type II

Ask our advice

Subject to the signing of a NDA



CSA STAR self-assessment

OVH is listed in the Cloud Security Alliance's STAR registry for its Private Cloud solution. This initiative informs OVH customers that OVH's cloud computing services conform to the CSA's best practices. It also details the controls that OVH has implemented to ensure the security of information systems.


Consensus Assessments Initiative Questionnaire (CAIQ)

Free


PCI DSS Level 1

The PCI DSS Level 1 certification(Payment Card Industry Data Security Standard) gives assurance to banks and users of online services that companies who handle confidential payment card data comply with specific security requirements.


PCI DSS security extended to all your VMs

Ask our advice


On-site audit

Upon request and under certain conditions, OVH can provide documentation relating to these certifications. OVH exclusively authorizes audits carried out by third parties with the goal of certification for all interested parties. If you have a different frame of reference to ISO 27001 or SOC, you can make a request for OVH to complete your questionnaire.

Customized security service

Advisory service, with the option of completing a questionnaire on the security measures in the OVH datacenters.


Upon quotation