Page tree
Skip to end of metadata
Go to start of metadata

BMC's Helix services are hosted from various regional locations. Each customer's service location is dependent on various factors such as environment type, proximity of the customer to the data location, and customer sector (public versus private).

This topic contains the following information:

Note

BMC supports the data residency requirements of its customers through the initial selection of a service location. Once selected, data remains within the primary and secondary locations for that service. Customers who purchase services that utilize the IBM Watson features may have select data transferred to/from the corresponding IBM service location.

Service locations and compliance

BMC is committed to offering its services from facilities that meet or exceed the rigorous standards and compliance requirements of our customers. The following table summarizes the key compliance and certification types available from each location.

BMC has partnered with IBM for a seamless integration to its BMC Helix Chatbot and Cognitive Automation services. IBM Watson Assistant and Discovery capabilities are provided from the location listed. 

View by: 

BMC Cloud locations

U.S. FedRAMP location

AWS locations

BMC Cloud

Service Location

Primary

Secondary

Backup (if applicable)


Data Center Compliance Types


Services Available


IBM Service Location


Jitterbit Service Location

Primary

Secondary

U.S. Commercial A and

U.S. Public Sector

Elk Grove Village, IL

Chicago, IL

Santa Clara, CA

 


SSAE 18, ISO 27001, PCI DSS

SSAE 18, ISO 27001, PCI DSS

SSAE 18, ISO 27001, PCI DSS

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity (Dallas, TX location only)

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Client Management

BMC Helix Integration Platform

Dallas, TX or Ashburn, VA

North America (NA)

U.S. East Coast Virginia

U.S. West Coast Oregon

U.S. FedRAMP

U.S. East coast

U.S. East coast

 

SSAE 18, ISO 27001

SSAE 18, ISO 27001

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management



European Union

Amsterdam, The Netherlands

Amsterdam, The Netherlands


 

SSAE 18, ISO 27001, ISO 50001, ISO 14001, ISO 9001, OHSAS 18001, PCI DSS

SSAE 18, ISO 27001, ISO 50001, ISO 14001, ISO 9001, OHSAS 18001, PCI DSS


BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Client Management

BMC Helix Integration Platform

BMC Helix Cloud Cost

BMC Helix Cloud Security

BMC Helix Capacity Optimization (all options)

BMC Helix Vulnerability Management

BMC Helix Operations Management

Frankfurt, Germany

EMEA

Dublin, Ireland

Frankfurt, Germany

United Kingdom

London, U.K.

Slough, U.K.

 

ISO 27001, ISO 50001, ISO 14001, ISO 9001, OHSAS 18001, PCI DSS

ISO 27001, ISO 50001, ISO 14001, ISO 9001, OHSAS 18001, PCI DSS

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

London, U.K.

EMEA

Dublin, Ireland

Frankfurt, Germany


Australia

Sydney, NSW

Sydney, NSW

 

ISO 27001, PCI DSS, Tier III Certification of Design Documents

ISO 27001, PCI DSS

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Integration Platform

Sydney, NSW

Asia Pacific (APAC)

Singapore, Malaysia

Sydney, NSW


AWS Cloud

Service Location

Data Center Compliance Types

Services Available

IBM Service Location

Jitterbit Service Location

U.S. Commercial A AWS

Portland, OR


ISO 27001

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Discovery

BMC Helix Integration Platform

Dallas, TX

North America (NA)

U.S. East Coast Virginia

U.S. West Coast Oregon

U.S. Commercial B AWS

U.S. East Coast


ISO 27001

BMC Helix Cloud Cost

BMC Helix Cloud Security



Canada

Montreal, Québec


ISO 27001

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management



Asia Pacific AWS

Singapore


ISO 27001

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Integration Platform

Frankfurt, Germany

Asia Pacific (APAC)

Singapore, Malaysia

Sydney, NSW

Germany AWS

Frankfurt, Germany


ISO 27001

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Integration Platform

Frankfurt, Germany

EMEA

Dublin, Ireland

Frankfurt, Germany

Brazil AWS

São Paulo, Brazil


ISO 27001

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Integration Platform

Dallas, TX or Ashburn, VA

North America

U.S. East Coast Virginia

U.S. West Coast Oregon

South Africa AWSISO 27001

BMC Helix ITSM

BMC Helix Digital Workplace Basic

BMC Helix Digital Workplace Advanced

BMC Helix Custom Applications

BMC Helix Premium Connector

BMC Helix Cognitive Automation

BMC Helix Cognitive Search

BMC Helix Chatbot - Standard Capacity

BMC Helix Chatbot - Premium Capacity

BMC Helix Business Workflows

BMC Helix Multi-Cloud Service Management

BMC Helix Integration Platform

Frankfurt, Germany

EMEA

Dublin, Ireland

Frankfurt, Germany

European Union AWS

Dublin, Ireland


ISO 27001

BMC Helix Discovery



Definitions

FedRAMP - Federal Risk and Authorization Management Program is a US federal agency-specific process for assessing and authorizing federal cloud computing products and services. FedRAMP consists of a subset of National Institute of Standards and Technology Special Publication (NIST SP) 800-53 security controls specifically selected to provide protection in cloud environments. BMC's FedRAMP certification is defined for the Federal Information Processing Standards (FIPS) 199 Moderate impact level. 

ISAE 3402 - International Standard on Assurance Engagements No. 3402 was developed to provide an international assurance standard for allowing public accountants to issue a report for use by user organizations and their auditors on the controls at a service organization that are likely to impact or be a part of the user organization’s system of internal control over financial reporting.  

ISO 9001 - International Organization for Standardization 9001 sets criteria for a quality management system. Based on a number of quality management principles, this certification assesses customer focus and helps ensure that customers get consistent, good quality products and services.

ISO 14001 - International Organization for Standardization 14001 certifies that a company's environmental policies, protocols and procedures meet a standard whereby impact to the environment is minimized.  

ISO 27001 - International Organization for Standardization 27001 is a specification for an information security management system. This system is an approach to managing sensitive company information so that it remains secure. It includes people, processes and IT systems by applying a risk management process.

ISO 50001 - International Organization for Standardization 50001 specifies requirements for establishing, implementing and maintaining and improving an energy management system, whose purpose is to enable an organization to follow a systematic approach in achieving continual improvement of energy performance. It includes energy efficiency, energy use and consumption. 

OHSAS 18001 - Occupational Health and Safety Management Systems is an international unified approach for the requirements of an occupational health and safety management system. It is a British Standard that exists to help organizations put in place demonstrably sound occupational health and safety performance.

PCI DSS - The Payment Card Industry Data Security Standard is a proprietary information security standard for organizations that handle branded credit cards from the major credit card companies. The standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is performed annually.

SSAE 18 - Statement on Standards for Attestation Engagements (SSAE) No. 18, also referred to as a Service Organization Controls (SOC) 1 report, is an auditing standard for service organizations and serves as the authoritative guidance for reporting. It was drafted with the intention and purpose of updating the US service organization reporting standard so that it mirrors and complies with the international service organization reporting standard ISAE 3402. See also Third party audit for BMC's SSAE 18 SOC 2 Type II accreditation for the services.

Tier III Certification of Design Documents - As certified by Uptime Institute, tier certification is a performance-based evaluation of a data center's specific infrastructure. The first step in the certification process is the Tier Certification of Design Documents (TCDD) designation. To obtain the TCDD compliance level, Uptime Institute reviews all design documents, ensuring each subsystem among electrical, mechanical, monitoring and automation meet the fundamental concepts.

Service location features

Each BMC-controlled service location adheres to the following minimum standards:

 Features
Site characteristics
  • Built to Tier III design specifications
  • Raised floor and/or overhead cable management systems
Security
  • Security framework: based on the NIST SP 800-53 standards at a Moderate level
  • Guarded 24 hours a day, 7 days a week
  • Card access or biometrics access
  • Multilevel security card readers with battery backup
  • Closed-circuit television (CCTV) surveillance
  • Automated building monitoring system that oversees facility power, environment, and backup systems
  • Perimeter fence and gate controls 
Communications
  • FIPS 140-2 compliant cryptographic ciphers
  • Engineered with redundant network equipment, switches, links, and carriers, ensuring high availability and performance
  • Backbone speeds of the network are based on Gigabit Ethernet and 10-gigabit. Switches and routers have dual power supplies and failover LAN cards.
  • Redundant high speed internet links with multiple carriers for primary sites
  • Redundant firewalls
Electrical and mechanical systems
  • N+1 power infrastructure
  • Redundant grids
  • Mirrored, fully redundant uninterruptible power supply systems (UPS)
  • Redundant diesel generators
  • Redundant power distribution units
  • Redundant chillers, cooling towers or water pumps
  • Redundant packaged heating and air conditioning units
  • Multizone, dry-pipe sprinkler and smoke-detector system with VESDA; water-detection system
  • On-site emergency diesel fuel

6 Comments

  1.  

    1.  

  2.  

    1.  

  3.  

    1.