Well, if you need some logos, we provide these:
svg · png
Red Clever Cloud logo
svg · png
svg · png
White Clever Cloud logo
svg · png

Security at Clever Cloud

Privacy by Design

Application sustainability picture
To send sensitive information, please take a look at our Security Policy.

Overview

At Clever Cloud, security is not an afterthought. The whole platform was designed with security in mind. Most of security work is systemic: we work on eliminating and mitigating entire classes of vulnerabilities before handling specific issues. This allows our platform to be resilient against new and unknown threats. We see and practice security as a process, a background task that underlines everything we do, not as something that’s tacked on code after it’s been written. The two pillars of our security policy are immutable infrastructure and the avoidance of trusted networks.

Immutable infrastructure

Every piece of code deployed on Clever Cloud is deployed in a short-lived, reproducible environment. Even if one of your applications gets compromised, the compromised code will automatically go away at the next deployment. This is particularly useful for commonly targeted applications like PHP CMSs.

No trusted network

It is common to place applications in a shared, unrestricted network space. By avoiding that, we provide security in depth: breaking a gate will grant you access to the next gate, not to the whole castle. This greatly reduces lateral movement, and encourages better security processes. By default, virtual machines are isolated from the network.

Traffic must be explicitly allowed, rendering the common issue of having a component mistakenly exposed to the Internet effectively impossible. All incoming traffic is untrusted and has to be allowed to reach the applications.

Vulnerability Reporting

Please see our security policy.

Security Assessments and Compliance

The Clever Cloud platform is regularly audited as part of audits and pentests run for our customers by third-party auditors. All the platform-level conclusions are forwarded to the security team and acted upon. If you wish to audit or pentest applications running on Clever Cloud, please contact us.

Data Centers

Providing first-class security along with our datacenter partners is our priority. We constantly work to enhance our security protocols and heavily fight all possible threats, ensuring minimum risk to protect your infrastructures and physical assets.

Europe-based Datacenters

Name of the hosting providerEQUINIX PA3 Paris IBX® Data Center
Address114 Rue Ambroise Croizat, Saint Denis France 93200 🇫🇷
Power RedundancyN+1
Cooling RedundancyN+1 (on chillers) N+2 (on CRAC units)
Certifications
  • FACT
  • SSAE 16/ISAE3402 SOC-1 Type II
  • PCI DSS
  • ISO 9001-2008
  • ISO 27001
  • ISO 50001
Name of the hosting providerEQUINIX PA4 Paris IBX® Data Center
Address110 Bis avenue du Général Leclerc Pantin France 93500 🇫🇷
Power RedundancyN+1
Cooling RedundancyN+1 (on chillers) N+2 (on CRAC units)
Certifications
  • FACT
  • SSAE 16/ISAE3402 SOC-1 Type II
  • PCI DSS
  • ISO 9001-2008
  • ISO 27001
  • ISO 50001
Name of the hosting providerZayo Group Velizy Data Center
Address16 Avenue de l’Europe Vélizy France 78140 🇫🇷
DesignTier III
Power and Cooling2N cooling redundancy
Network9 different carriers
Certifications
  • SOC2
  • SOC3
  • GLBA
  • HIPAA & HITECH
  • PCI DSS
  • SSAE 16
  • FISMA Moderate compliant
Features
  • 3 diesel generators with 72 hours runtime
  • 24/7 onsite staffed security
  • 25 MVA growing to 7 MVA input from utility
Name of the hosting providerOVH Roubaix RBX-5
Address2 Rue Kellermann 59100 Roubaix, France 🇫🇷
DesignTier IV
Power and Cooling
  • Systematic double power supply
  • 250 kVA per UPS device
  • Generators with an initial autonomy of 48 hrs
  • 98% of OVH hosting rooms are free from air conditioning
  • The Water cooling enables 70% of heat emitted by the processors to be dispersed
  • Air-cooling evacuates the remaining 30%
  • Energy costs halved
  • PUE below 1.2 constantly reducing our data center energy consumption.
Network
  • Minimum of 2 network connections to and within the datacenter, 2 network rooms capable of taking over from one another
  • Advanced network capacities: 10Gb+ and 40Gb+ connectivity on main network
Certifications
  • PCI-DSS,
  • ISO 27001
  • HIPAA
  • SOC 2, SOC 3
  • NIST 800-53
Features
  • OVH data centers are strictly for our own usage - servers can only be physically accessed by authorized employees
  • Access restricted by security badge control system, video surveillance and security personnel 24/7 on-site
  • Rooms fitted with smoke detection systems
  • Technicians on site 24/7
Name of the hosting providerOVH Warwaw WAW-1
AddressKazimierza Kamińskiego 6, 05-850 Ożarów Mazowiecki, Poland 🇵🇱
DesignTier IV
Power and Cooling
  • Systematic double power supply
  • 250 kVA per UPS device
  • Generators with an initial autonomy of 48 hrs
  • 98% of OVH hosting rooms are free from air conditioning
  • The Water cooling enables 70% of heat emitted by the processors to be dispersed
  • Air-cooling evacuates the remaining 30%
  • Energy costs halved
  • PUE below 1.2 constantly reducing our data center energy consumption.
Network
  • Minimum of 2 network connections to and within the datacenter, 2 network rooms capable of taking over from one another
  • Advanced network capacities: 10Gb+ and 40Gb+ connectivity on main network
Certifications
  • PCI-DSS,
  • ISO 27001
  • HIPAA
  • SOC 2, SOC 3
  • NIST 800-53
Features
  • OVH data centers are strictly for our own usage - servers can only be physically accessed by authorized employees
  • Access restricted by security badge control system, video surveillance and security personnel 24/7 on-site
  • Rooms fitted with smoke detection systems
  • Technicians on site 24/7

Asia-Pacific-based Datacenters

Name of the hosting providerOVH Sydney SYD-1
AddressSydney, Australia 🇦🇺
DesignTier IV
Power and Cooling
  • Systematic double power supply
  • 250 kVA per UPS device
  • Generators with an initial autonomy of 48 hrs
  • 98% of OVH hosting rooms are free from air conditioning
  • The Water cooling enables 70% of heat emitted by the processors to be dispersed
  • Air-cooling evacuates the remaining 30%
  • Energy costs halved
  • PUE below 1.2 constantly reducing our data center energy consumption.
Network
  • Minimum of 2 network connections to and within the datacenter, 2 network rooms capable of taking over from one another
  • Advanced network capacities: 10Gb+ and 40Gb+ connectivity on main network
Certifications
  • PCI-DSS,
  • ISO 27001
  • HIPAA
  • SOC 2, SOC 3
  • NIST 800-53
Features
  • OVH data centers are strictly for our own usage - servers can only be physically accessed by authorized employees
  • Access restricted by security badge control system, video surveillance and security personnel 24/7 on-site
  • Rooms fitted with smoke detection systems
  • Technicians on site 24/7
Name of the hosting providerOVH Singapore SGP-1
AddressSingapore, Singapore 🇸🇬
DesignTier IV
Power and Cooling
  • Systematic double power supply
  • 250 kVA per UPS device
  • Generators with an initial autonomy of 48 hrs
  • 98% of OVH hosting rooms are free from air conditioning
  • The Water cooling enables 70% of heat emitted by the processors to be dispersed
  • Air-cooling evacuates the remaining 30%
  • Energy costs halved
  • PUE below 1.2 constantly reducing our data center energy consumption.
Network
  • Minimum of 2 network connections to and within the datacenter, 2 network rooms capable of taking over from one another
  • Advanced network capacities: 10Gb+ and 40Gb+ connectivity on main network
Certifications
  • PCI-DSS,
  • ISO 27001
  • HIPAA
  • SOC 2, SOC 3
  • NIST 800-53
Features
  • OVH data centers are strictly for our own usage - servers can only be physically accessed by authorized employees
  • Access restricted by security badge control system, video surveillance and security personnel 24/7 on-site
  • Rooms fitted with smoke detection systems
  • Technicians on site 24/7

America-based Datacenters

Name of the hosting providerOVH Beauharnois Quebec BHS-6 🇨🇦
Address50 Rue de l'Aluminerie, Beauharnois, QC J6N 0C2, Canada
DesignTier III
Power and Cooling2N cooling redundancy
Network9 different carriers
Certifications
  • ISO 27001:2005
  • ISO 27002
  • ISO 27005
  • SOC 1 & 2 type II
Features
  • 24/7 onsite staffed security
  • Watercooling
  • Aircooling
  • PUE > 1,2
Name of the hosting providereStruxture Data Centers MTL-1
AddressMontreal’s city center, Canada
DesignTier III
Power
  • High power density (30kW)
  • Standard N+1 UPS solution
  • Flexible 2N (A+B) power
  • Multiple generators
  • On-site diesel storage providing 22 hours of unrefuelled operation
Cooling
  • Hot aisle/cold aisle containment
  • Customized containment pods
  • Zone monitoring to ensure environmental conditions
  • Chilled Water for high-density cooling
Security
  • Security staff on-site 24x7x365.
  • Dual layered physical access control including card access
  • Physical man-trap controls all entries and exits
  • Continuous monitoring with HD security cameras
  • Audited yearly for SOC2 Type2 compliance

PCI

We use PCI compliant payment processor Stripe for encrypting and processing credit card payments. Clever Cloud infrastructure provider is under the process of being PCI certified.

Protection Of Client Personal Data

According to our Terms of Use, CLEVER CLOUD’s commitments under the protection of CLIENT’s Personal Data (the “Personal Data” under Regulation UE n°2016/679 of April 27, 2016 “GDPR”) are described in our Terms of Use.

All the data are hosted in France by default (other regions are optionally available) and are fully GDPR compliant (we've done the work to assess our own data collection, storage practices and business practices comply with the GDPR).