Data protection

This topic provides information about the means employed by BMC to ensure that your data is protected.

Malware protection

BMC utilizes Endpoint Security on all servers, workstations, and email gateways for core threat prevention, endpoint detection and incident response.  Protection includes virus scanning, and spyware and adware detection.  Endpoint agents are updated daily and managed centrally using a centralized policy server.  Viruses and malware alerts are reported to the Security Information and Event Management (SIEM) system and assessed weekly as part of the Security Operations Control reporting procedure.

SaaS Media Protection policy

BMC's SaaS Media Protection policy addresses practices that control the use of data on removable media and mobile devices. BMC restricts access to customer information to those with a legitimate need to know and requires that:

  • laptops and desktops be configured to restrict the use of the following types of portable media devices: diskettes, external/removable hard drives, flash/thumb drives, compact disc, and optical drive.

Other types of portable media are handled in the following manner described, including but not limited to:

  • notebook/laptop computers are encrypted at the boot level
  • cellular phones/smart phones are encrypted
  • non-digital media (paper) is to be locked in a desk employing the BMC clean desk policy, or disposed of in supplied secure shred bins

Data encryption

All data transmissions use standard encryption technologies such as HTTPS/SSL, TLS, and AES.

BMC Helix  Control-M uses the same HTTPS encryption techniques, including support for TLS 1.2 and 2048-bit key length.



 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*