IMDS meets your security needs by providing a secure infrastructure to protect operations and data as well as additional security and privacy services. DCX's IMDS and CDX share the same security concepts and components. As a result, during meanwhile more than 15 years, the Global Automotive Industry gained and kept trust that their data are handled in a secure way using IMDS.
The IMDS security model covers six layers of security aspects - from physical and network environment protection, hardware and operating system, database and application security as well as all access and authorization processes.
- The IMDS application and database servers are distributed over two different DXC data centers in Germany. All DXC data centers are equipped with redundant components like electrical power supplies, battery backup, cooling equipment and they are interconnected by high performance and redundant wide area networks. The data centers are professionally managed by qualified and certified personnel.
- The redundant IMDS networks are protected by load balancers from external access and fully encapsulated from other systems by firewalls. The complete data exchange is based on encrypted protocols.
- All IMDS application and database servers run on the Unix operating system. Hardware and operating system maintenance is performed by qualified staff following predefined procedures.
- The IMDS database is designed fully redundant. In case of a failure of the primary database, secondary replicated database servers take over in order to provide failover and disaster recovery capabilities. Continuous database backups provide the possibility to restore the data at any point of time.
- The IMDS application enforces the use of encrypted HTTPS connections when working with the web system as well as for all external systems accessing IMDS. All users have to authenticate by the use of system generated user IDs and passwords with a minimum length of 8 characters. Passwords have to be changed in predefined intervals and user accounts are automatically de-activated when not being used for a predefined timeframe.
In case you have further questions related to the IMDS System Security or Data Protection please contact one of the IMDS Service Centers.