Well, if you need some logos, we provide these:
svg · png
Red Clever Cloud logo
svg · png
svg · png
White Clever Cloud logo
svg · png

Security at Clever Cloud

Privacy by Design

Application sustainability picture
To send sensitive information, please take a look at our Security Policy.

Overview

At Clever Cloud, security is not an afterthought. The whole platform was designed with security in mind. Most of security work is systemic: we work on eliminating and mitigating entire classes of vulnerabilities before handling specific issues. This allows our platform to be resilient against new and unknown threats. We see and practice security as a process, a background task that underlines everything we do, not as something that’s tacked on code after it’s been written. The two pillars of our security policy are immutable infrastructure and the avoidance of trusted networks.

Immutable infrastructure

Every piece of code deployed on Clever Cloud is deployed in a short-lived, reproducible environment. Even if one of your applications gets compromised, the compromised code will automatically go away at the next deployment. This is particularly useful for commonly targeted applications like PHP CMSs.

No trusted network

It is common to place applications in a shared, unrestricted network space. By avoiding that, we provide security in depth: breaking a gate will grant you access to the next gate, not to the whole castle. This greatly reduces lateral movement, and encourages better security processes. By default, virtual machines are isolated from the network.

Traffic must be explicitly allowed, rendering the common issue of having a component mistakenly exposed to the Internet effectively impossible. All incoming traffic is untrusted and has to be allowed to reach the applications.

Vulnerability Reporting

Please see our security policy.

Security Assessments and Compliance

The Clever Cloud platform is regularly audited as part of audits and pentests run for our customers by third-party auditors. All the platform-level conclusions are forwarded to the security team and acted upon. If you wish to audit or pentest applications running on Clever Cloud, please contact us.

Data Centers

Providing first-class security along with our datacenter partners is our priority. We constantly work to enhance our security protocols and heavily fight all possible threats, ensuring minimum risk to protect your infrastructures and physical assets.

Europe-based Datacenters

Name of the hosting providerEQUINIX PA3 Paris IBX® Data Center
Address114 Rue Ambroise Croizat, Saint Denis FR 93200
Power RedundancyN+1
Cooling RedundancyN+1 (on chillers) N+2 (on CRAC units)
Certifications
  • FACT
  • SSAE 16/ISAE3402 SOC-1 Type II
  • PCI DSS
  • ISO 9001-2008
  • ISO 27001
  • ISO 50001
Features
  • Break Room
  • Loaner Tools
  • Work kiosks
  • Conference Room
  • Crash Carts
  • Showers
  • Wifi
Name of the hosting providerEQUINIX PA4 Paris IBX® Data Center
Address110 Bis avenue du Général Leclerc Pantin France 93500
Power RedundancyN+1
Cooling RedundancyN+1 (on chillers) N+2 (on CRAC units)
Certifications
  • FACT
  • SSAE 16/ISAE3402 SOC-1 Type II
  • PCI DSS
  • ISO 9001-2008
  • ISO 27001
  • ISO 50001
Features
  • Break Room
  • Loaner Tools
  • Work kiosks
  • Conference Room
  • Crash Carts
  • Showers
  • Wifi
Name of the hosting providerZayo Group Velizy Data Center
Address16 Avenue de l’Europe Vélizy France 78140
DesignTier III
Power and Cooling2N cooling redundancy
Network9 different carriers
Certifications
  • SOC2
  • SOC3
  • GLBA
  • HIPAA & HITECH
  • PCI DSS
  • SSAE 16
  • FISMA Moderate compliant
Features
  • 3 diesel generators with 72 hours runtime
  • 24/7 onsite staffed security
  • 25 MVA growing to 7 MVA input from utility

America-based Datacenters

Name of the hosting providerOVH Beauharnois Quebec BHS-6
Address50 Rue de l'Aluminerie, Beauharnois, QC J6N 0C2, Canada
DesignTier III
Power and Cooling2N cooling redundancy
Network9 different carriers
Certifications
  • ISO 27001:2005
  • ISO 27002
  • ISO 27005
  • SOC 1 & 2 type II
Features
  • 24/7 onsite staffed security
  • Watercooling
  • Aircooling
  • PUE > 1,2
Name of the hosting providereStruxture Data Centers MTL-1
AddressMontreal’s city center, Canada
DesignTier III
Power
  • High power density (30kW)
  • Standard N+1 UPS solution
  • Flexible 2N (A+B) power
  • Multiple generators
  • On-site diesel storage providing 22 hours of unrefuelled operation
Cooling
  • Hot aisle/cold aisle containment
  • Customized containment pods
  • Zone monitoring to ensure environmental conditions
  • Chilled Water for high-density cooling
Security
  • Security staff on-site 24x7x365.
  • Dual layered physical access control including card access
  • Physical man-trap controls all entries and exits
  • Continuous monitoring with HD security cameras
  • Audited yearly for SOC2 Type2 compliance

PCI

We use PCI compliant payment processor Stripe for encrypting and processing credit card payments. Clever Cloud infrastructure provider is under the process of being PCI certified.

Protection Of Client Personal Data

According to our Terms of Use, CLEVER CLOUD’s commitments under the protection of CLIENT’s Personal Data (the “Personal Data” under Regulation UE n°2016/679 of April 27, 2016 “GDPR”) are described in our Terms of Use.

All the data are hosted in France by default (other regions are optionally available) and are fully GDPR compliant (we've done the work to assess our own data collection, storage practices and business practices comply with the GDPR).