The Center for Internet Security® (CIS) benchmark continues IBM’s commitment to enhancing the security, privacy and compliance of the IBM Cloud.

CIS is a non-profit organization founded in October of 2000. CIS utilizes the power of the global IT community to achieve its mission of making the connected world a safer place. Cybersecurity subject matter experts all contribute to identify, refine and validate security protocols that may apply to users small and large worldwide.

CIS Benchmarks™ are a collection of industry best practices for securely configuring IT systems, software and networks. Benchmark guidance is informed by controls that map to other security frameworks, including HIPAA, the ISO 27000 family, NIST (National Institute of Standards and Technology) Cybersecurity Framework (CSF), NIST SP 800-53, PCI DSS and others.

CIS Benchmarks™ controls enable clients to embark on their digital transformation with the IBM Cloud while achieving a standardized level of security and compliance controls. The CIS IBM Cloud Foundations Benchmark controls can be configured to monitor resources through the IBM Cloud Security and Compliance Center.

Services in scope include the following:

• IBM Cloud Activity Tracker with LogDNA
• IBM Cloud Block Storage for Virtual Private Cloud
• IBM Cloud Container Registry
• IBM Cloud Databases for DataStax 
• IBM Cloud Databases for Elasticsearch
• IBM Cloud Databases for EnterpriseDB 
• IBM Cloud Databases for etcd
• IBM Cloud Databases for MongoDB (Standard and Enterprise)
• IBM Cloud Databases for PostgreSQL
• IBM Cloud Databases for Redis
• IBM Cloud Internet Services
• IBM Cloud Platform – Public – Identity and Access Management (IAM)
• IBM Cloud Platform – Public – Security and Compliance Center
• IBM Cloud Virtual Private Cloud
• IBM Cloud Virtual Server for Virtual Private Cloud
• IBM Cloudant for IBM Cloud
• IBM Key Protect for IBM Cloud

Learn more

• IBM Cloud Learn Hub: What are CIS Benchmarks?
• Get more information on IBM Cloud compliance programs.