Skip to Content

BMC Control-M SaaS Data Handling Policy

This topic outlines the policy for handling data in the BMC Control-M SaaS service.

Warning

Note

The BMC commitment to data privacy, integrity, and security is published at https://www.bmc.com/legal/data-privacy-binding-corporate-rules.html.

Customer data is any data that you enter into the system during onboarding activities and normal use of services.  BMC manages sensitive customer data by using the following guidelines:

  • Customers retain ownership of their data at all times.
  • All external solution traffic over the web is secured using encryption.
  • Database schemas are completely segregated, with a dedicated schema per customer.
  • The infrastructure and applications are configured to account for security standards using a hardening process to reduce security vulnerabilities.
  • Monitoring is in place to alert of any suspected or actual data breaches.
  • Periodic penetration tests are performed to identify any potential or actual security issues.
  • The operational and support organizations employ the separation of duties security principle to ensure that only the resources required to support the solution have access to specific data.
  • Periodic internal and external security audits are run on the systems to identify any vulnerabilities.

See also the information under Security.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

Control-M SaaS