
Certifications
Available in
and
datacenters.
Soon in Sydney
and Singapore
.

ISO 27001, SOC 1 and SOC 2
OVH has gained ISO 27001 certification because it complies with ISO 27002 good information security management practices and ISO 27005 standards for risk assessment and risk handling.
SOC 1 Type II certifies that OVH has clearly defined and implemented controls to protect the data of its customers. SOC 2 Type II evaluates these controls against the international standard, established by the AICPA (American Institute of Certified Public Accountants) in its principles on confidential services (Trust Services Principles).
Public documents
ISO certificate
Sections I of SOC 1 Type II report (ISAE 3402 or SSAE 16)
Sections I of SOC 2 Type II
ISO service
ISMS Scope and Perimeter
Public Statement of Applicability
Audit report
SOC service
Full report SOC 1 Type II (SSAE 16 or ISAE 3402)
Full report SOC 2 Type II
Currently, only our datacentres in France and Canada have the above certifications, but we will soon be receiving these certifications for our datacentres in the UK, Germany and Poland.

CSA STAR self-assessment
OVH is listed in the Cloud Security Alliance's STAR registry for its Private Cloud solution. This initiative informs OVH customers that OVH's cloud computing services conform to the CSA's best practices. It also details the controls that OVH has implemented to ensure the security of information systems.
Consensus Assessments Initiative Questionnaire (CAIQ)
Free

PCI DSS Level 1
The PCI DSS Level 1 certification (Payment Card Industry Data Security Standard) gives assurance to banks and users of online services that companies who handle confidential payment card data comply with specific security requirements.
PCI DSS security extended to all your VMs
Upon request
On-site audit
Upon request and under certain conditions, OVH can provide documentation relating to these certifications. OVH authorises audits which are carried out by third parties in order to provide all interested parties with certification. If you use a different benchmark to ISO 27001 or SOC, you can ask OVH to complete your questionnaire.
Customised security service
Consultation service, with the option of completing a questionnaire on the security measures in the OVH datacentres.
Upon quotation