Security is never the final destination — It’s a continuous journey.
Ingram Micro Cloud is committed to following globally recognized security standards and frameworks to ensure it delivers secure and reliable services. Ingram Micro Cloud is working across our organization to improve its software development and services with the aim of increasing the security of the organization. The secure way should be the easy way, and that's why security is built into the fabric of its infrastructure. Here are a few ways Ingram Micro Cloud builds security in as part of the way they work, day-to-day.

Ingram Micro Cloud is responsible for defining and complying with Corporate security standards and policies, achieving and maintaining ISO 27001 and PCI compliance while adhering to GDPR requirements, responding to interested parties (security questionnaires and audits, i.e. major customers), as well as day-to-day security monitoring and remediation.

Our commitment to security drives our protection policies, procedures, and control. Our protection philosophy is comprised of three tenets:
Top Security and Privacy Features
The continual effort to ensure its security remains at the forefront of the organization. Below are a few of the top security and privacy features.
Application Security
Ingram Micro Cloud takes steps to securely develop and test against security threats to ensure the safety of its data.
Ingram Micro Cloud maintains a Secure Development Lifecycle, in which the training of its developers, and performing design and code reviews, takes a prime role.
In addition, the security experts at Ingram Micro Cloud are trained to perform detailed penetration tests on different applications.
Physical Security
Being hosted on Azure and AWS to provide robust, physical data center security and environmental controls.
Ingram Micro Cloud ensures the confidentiality, availability and integrity of its data with industry best practices.
Data Recovery
Regular backups are performed adhering to industry standards and practices.

Ingram Micro Cloud has placed the appropriate measures in place and data is securely replicated to different geographic regions for Disaster Recovery (DR) purposes. Disaster Recovery testing is performed periodically to validate processes and recoverability.

Ingram Micro Cloud follows 3 measures: Recovery from backups, Cold Standby, and Hot Standby.
Compliance
Ingram Micro Cloud maintains numerous 3rd party certifications for the continued excellence in security and privacy. The strong and growing focus towards the conformance of standards, and compliance allows ensures the continuation of its regulatory and policy objectives.
Payment Card Industry (PCI) Compliancy
The Payment Card Industries Data Security Standard is an information security standard for the handling of credit card information.
In order to reduce risk in our environments, we have established a policy to process all credit cards via PCI DSS certified 3rd-party payment processors. This is implemented in our environment using iFrame full-redirects which ensures no card holder data is managed by Ingram Micro servers.
ISO 27001
ISO 27001 (formally known as ISO/IEC 27001:2013) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls required to assess and mature the security posture of an organization.
Achieving compliance with ISO 27001 ensures that CloudBlue & Ingram Micro Cloud (CMP) has a comprehensive and mature security program in place that aligns with industry standards. ISO 27001 certification entailed aligning existing policies, processes, and technical controls to the requirements set out by the standard.
The General Data Protection Regulation (GDPR)
The GDPR is a European privacy law which came into effect on May 25, 2018.
The GDPR replaces the EU Data Protection Directive, and is intended to reconcile data protection laws throughout the European Union (EU) by applying a single data protection law enforceable across every member state.

The GDPR aims to strengthen personal data protection in Europe, and affects the way we all do business. Compliance with the GDPR is a top priority for Ingram Micro and our customers. Ingram Micro Cloud’s products and services are already GDPR compliant. We are committed to helping our customers comply with the GDPR.

GDPR ensures the following:
  • Regulates how businesses can collect, use, and store personal data
  • Builds upon current documentation and reporting requirements to increase accountability
  • Authorizes fines on businesses who fail to meet its requirements