Security
The secure cloud from Clever Cloud
Security is a process
Key points
Our certifications
SecNumCloud
Hosting of your data on certified partner zones
When you place your trust in Clever Cloud,
you can be sure that
The security of your data is our priority
We inform you when we detect a security vulnerability and are proactive in plugging it.
You choose where your data is stored
They are available when you need them thanks to a distribution by default.
Total control over your data
Permanent and instant control, with the possibility of withdrawing them at any time.
Your data belongs to you
They will never be sold or used for advertising purposes.
Our infrastructure is regularly tested
Regular vulnerability scans and pentests of our infrastructure guarantee the security of our cloud.
We see and practice security as an ongoing process, a background task that underpins everything we do, not as something that is added to the code after it has been written. The two pillars of our security policy are immutable infrastructure and avoidance of trusted networks.
Immutable infrastructure
All code deployed on Clever Cloud is in an ephemeral and reproducible environment, ensuring a secure cloud. Even if the security of one of your applications is compromised, its corrupted code is automatically removed the next time it is deployed. This is particularly useful for commonly targeted applications, such as PHP CMS (usually via their plugins).
Avoidance of trusted networks
We don’t believe in the ‘fortress metaphor’.
It’s the most attractive approach to IT security, but it’s also the furthest removed from our data security standards. For more than 20 years, it has been common practice to consider a network as a fortress, protected from the outside world by firewalls, NATs (Network Address Translation) and DMZs. This idea is now obsolete.
Our approach is based on security in depth, not perimeter security. Each peer on the same network is identified, authenticated and communicates in encrypted form, to avoid any possibility of harm or data theft in the event of an intrusion. This is what makes Clever Cloud a secure and reliable cloud.
Open source security tools
We are committed to developing open source security tools. Through our commitment to open source, we enable communities to contribute to the continuous improvement of our solutions.
A commitment to the strategic autonomy of data
At Clever Cloud, we are firmly committed to the strategic autonomy of data. This commitment is demonstrated by:
- Hosting data in France and in partner regions committed to sovereignty;
- Strict compliance with local and European regulations;
- Protecting data against extraterritorial laws by hosting it in France by default or in regions that respect confidentiality;
- The development and promotion of tools and practices that strengthen the security of our customers’ data.
To find out more about our commitment to strategic data autonomy, read our blog post.
BLOG