SecNumCloud-qualified Hosted Private Cloud powered by VMware
The SecNumCloud certification means that you can be sure to choose solutions whose levels of security and trust have been verified by ANSSI. This guarantees that you are using solutions recommended by the French state, adapted for administrations and companies in the most sensitive sectors.
The SecNumCloud-certified Hosted Private Cloud powered by VMware guarantees customers a complete VMware environment, managed industrially with a very high level of automation. This service is offered as part of our Trusted Zone solutions, in dedicated datacentres where customer data is immune to non-European regulations.
In May 2021, the French government announced the implementation of a new “Trusted Cloud” label for cloud service providers in national administrations. This is based on the SecNumCloud qualification, supplemented by service immunity requirements for non-European extraterritorial laws. The Hosted Private Cloud powered by VMware solution is SecNumCloud certified, and meets all of these criteria.
For OVIs and OESs, compliance involves certification procedures based on risk analysis — especially the implementation of several security rules. The use of qualified SecNumCloud solutions provides elements that strengthen risk analysis documentation, ensuring that customers choose solutions with a verified level of security and trust.
A trusted, secure cloud for critical services and critical data
The leading private cloud in Europe, based on VMware SDDC
OVHcloud has been offering hosted private cloud services based on VMware technologies since 2010. These Software-Defined Datacentre solutions are based on VMware SDDC Enterprise Plus clusters. OVHcloud delivers performance, scalability and a very high level of automation. Forrester named OVHcloud the European leader in the Hosted Private Cloud market segment in 2020. OVHcloud is ranked ahead of all its European competitors for this type of service.
Secure Trusted Zones and Disaster Recovery Plan
SecNumCloud-certified services are offered in two dedicated and secure datacentres within a specific scope to meet the requirements of the ANSSI SecNumCloud framework (including biometric 2FA and extended CCTV video surveillance): OVHcloud Trusted Zones Customers can set up their business continuity plan between our two Trusted Zones in Roubaix (RBX) and Strasbourg (SBG), where all traffic passes through encrypted private links.
Total immunity from non-European regulations
OVHcloud’s SecNumCloud services are operated 24/7, exclusively by staff based in the European Union. Specific security measures and the segregation of information systems reinforce the protection of data that cannot be transferred outside of the European Union, strengthening the protection of customer data sovereignty.
Enhanced customer data security and increased compliance
Each customer’s cloud infrastructures are physically isolated, and we apply the Zero-Trust approach to securing access. The client administration tools are dedicated, benefit from reinforced access controls (2FA, secure interface, token authentication for sensitive actions) and include encryption of services at rest. Compliant with ISO 27001, ISO 27701, ISO 27017, ISO 27018, CSA Star, HDS, SOC I and II type 2 or PCI DSS.
Terms of service access
To benefit from SecNumCloud qualified services, customers need to create a new account dedicated to their Trusted Zone services, and sign up to OVHcloud Enterprise support.
SecNumCloud products will be billed at the standard price, plus an additional 12% of the total amount of your monthly bill. This additional charge does not apply to the price of your support level.
Unlike other OVHcloud solutions, for now, you can order SecNumCloud services exclusively via our Customer Services team. Please contact our Customer Services team for more information.
About ANSSI Security Visas
The Security Visas issued by the National Cybersecurity Agency (ANSSI) allow reliable security solutions to be identified following an evaluation carried out by approved laboratories in accordance with a rigorous and proven methodology. This assessment involves an in-depth analysis of the organisation and its procedures, architecture and technical configurations in order to verify the compliance of these solutions with the relevant framework of requirements. A Security Visa is issued with a certificate or qualification, depending on the context and need. Security Visas are a guarantee of security for users in a framework of trust built by the ANSSI (source: ANSSI)
To find out more about the SecNumCloud certification, you can visit our dedicated page
Which laws apply to your data?
The data hosted with a cloud provider is subject to the territorial laws to which its parent company is subject, as well as the territorial laws where this customer data is transferred, processed and stored. The invalidation of Privacy Shield last July by the CJEU calls into question data transfers hosted in the EU by a US cloud provider, which are then subject to both European and American laws, i.e. both the GDPR and US extraterritorial surveillance laws (FISA 702, EO 12333, etc.) as well as the CLOUD Act. Similarly, data hosted by Chinese cloud providers is subject to China's National Intelligence Law.
With the SecNumCloud powered by VMware solution, the only legislation that can apply to your data are European.