HUAWEI CLOUD makes trustworthiness the most important aspect of product quality. We are building a globally credible public cloud featuring security, compliance, privacy, transparency, and resilience.
"Stands out with robust security and ALM capabilities. Huawei provides broad security coverage, such as escape prevention and traffic control over different layers." (The Forrester New WaveTM: Public Cloud Enterprise Container Platforms, Q3 2019)
Key Information
Trust White Paper
HUAWEI CLOUD Releases the Industry's First White Paper on Trustworthiness
Learn MorePrivacy White Paper
Safeguard strict service boundaries, helping customers protect privacy.
Learn More →Security White Paper
Learn from our extensive experience with cloud security. Make the security industry more open and develop better.
Learn More →Data Security White Paper
Learn about our best practices, and experiences in the data security field and throughout the industry.
Learn More →Containers Enter the Strong Performer Quadrant
"Huawei provides broad security coverage, such as escape prevention and traffic control over different layers." (Forrester, Public Cloud Enterprise Container Platforms, Q3 2019)
First Provider Qualified for Information Security
HUAWEI CLOUD was one of the first companies to obtain information security service qualifications (cloud computing security, level 1) from CNITSEC.
Trustworthiness Features
Trustworthiness Features
-
Security
Share with you more than 30 years of Huawei's security practices in serving corporate customers around the world.Share with you more than 30 years of Huawei's security practices in serving corporate customers around the world. -
Compliance
We regularly undergo compliance reviews from third parties, providing cloud services and business runtimes compliant with relevant laws and industry standards.We regularly undergo compliance reviews from third parties, providing cloud services and business runtimes compliant with relevant laws and industry standards. -
Privacy
Privacy is in our DNA. Our experience in protecting data privacy in hundreds of countries and regions around the world will be leveraged to keep your data safe.Privacy is in our DNA. Our experience in protecting data privacy in hundreds of countries and regions around the world will be leveraged to keep your data safe.
-
Transparency
We strictly comply with the data protection protocols of the countries and regions we provide services for. You have full control over your data.We strictly comply with the data protection protocols of the countries and regions we provide services for. You have full control over your data. -
Resilience
Full-stack services and 24/7 quick responses protect services from attacks.Full-stack services and 24/7 quick responses protect services from attacks.
Recommended Security Services
Recommended Security Services
-
Graded Protection of Information Security
Provides a one-stop solution to help you comply with graded protection requirements efficiently and economically.
-
Advanced Anti-DDoS
Keep your website safe from even terabyte level DDoS attacks.
-
Host Security Service
Reduces intrusion risks with asset management, vulnerability management, intrusion detection, and baseline inspection functions.
-
Vulnerability Scan Service
Websites, hosts, databases, and security baselines are all automatically scanned for vulnerabilities.
-
Web Application Firewall
Malicious requests are intelligently identified and protective measures taken to prevent core asset leakage.
Certifications
Global
Regional
-
/2xISO20000.png)
ISO 20000-1:2011
ISO 20000 is an international standard for information technology service management system (SMS). It specifies requirements for service providers to plan, establish, implement, operate, monitor, review, maintain, and improve an SMS to make sure service providers can provide effective IT services that meet the requirements of customers and businesses.
-
/2xISO22301.png)
ISO 22301:2012
ISO 22301 is an international standard for business continuity management systems. It specifies requirements for a management system to help organizations identify, analyze, and monitor disruptive incidents and develop a complete business continuity plan to effectively and quickly recover customer businesses so that the organizations can ensure the normal running of core functions and minimize loss and recovery costs.
-
/2xCSASTAR.png)
CSA STAR
Developed by the Cloud Security Alliance (CSA) and the British Standards Institution (BSI), CSA STAR certification is an international certification for different levels of cloud security, aiming to address relative problems of cloud security and to help cloud computing service providers demonstrate the maturity of their services.
-
/2xISO27701.png)
ISO 27701:2019
ISO 27701 specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to 27001 and 27002 for privacy management within the context of the organization. ISO 27701 specifies PIMS-related requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing.
-
/2xBS10012.png)
BS 10012:2017
BS 10012 provides a best practice framework for a personal information management system that is aligned to the principles of the EU GDPR. It outlines the core requirements organizations need to consider when collecting, storing, processing, retaining or disposing of personal records related to individuals.
-
/2xPCIDSS.png)
PCI DSS
Payment Card Industry Data Security Standard (PCI DSS) is a global card industry security standard established by the five main credit card organizations: JCB, American Express, Discover, MasterCard, and Visa. It is the strictest, most authoritative financial institution certification in the world.
-
/2xCC认证.png)
International Common Criteria EAL3+ Certification
Common Criteria (CC) certification is a set of international standards for IT products and systems security certification. CC provides assurances that the process of specification, implementation, and evaluation of a computer security product has been conducted in a rigorous, standardized, and repeatable manner; and at a level that is commensurate with the target environment. HUAWEI CLOUD has earned CC EAL 3+ certification, which was highly recognized worldwide.
/2xISO27001.png){kind=icon}
/2xISO27017.png){kind=icon}
/2xISO27018.png){kind=icon}
/2xISO20000.png){kind=icon}
/2xISO22301.png){kind=icon}
/2xCSASTAR.png){kind=icon}
/2xISO27701.png){kind=icon}
/2xBS10012.png){kind=icon}
/2xISO29151.png){kind=icon}
/2xSOC.png){kind=icon}
/2xPCIDSS.png){kind=icon}
/2xCC认证.png){kind=icon}
-
/2xMTCS.png)
Singapore Multi Tier Cloud Security (MTCS) Level 3
The MTCS standard was developed under the Singapore Information Technology Standards Committee (ITSC). This standard requires cloud service providers to adopt well-rounded risk management and security practices in cloud computing. The HUAWEI CLOUD Singapore region has obtained the level 3 (highest) certification of MTCS.
-
/2x等保.png)
DJCP
The Dengjiceping standard, or "DJCP" (meaning "graded protection"), is issued by China's Ministry of Public Security (MPS). DJCP is used to guide organizations in China through cyber security development. It has become the general security standard most widely followed by industries in China. HUAWEI CLOUD has been registered and assessed, earning DJCP level 3 certification. Key regions and nodes of HUAWEI CLOUD have been certified as DJCP level 4.
-
/2x网信办网络安全审查.png)
Cloud Service Security Certification by Cyberspace Administration of China (CAC)
The Cloud Service Security Certification is a security review conducted by CAC under the Chinese national standard Information Security Technology — Security Capability Requirements of Cloud Computing Services. The HUAWEI CLOUD e-government cloud platform has earned this certification (enhanced level), indicating that the national cyber security management organizations recognize the security and controllability offered by the HUAWEI CLOUD e-government cloud platform.
-
/2xITSS.png)
ITSS Cloud Computing Service Capability Evaluation by MIIT
The cloud computing service capability assessment is based on the Chinese national standards such as General Requirements for Cloud Computing Cloud Service Operation. Huawei private cloud and public cloud have obtained the level-1 compliance certificate on cloud computing service capability.
-
TRUCS Gold O&M Assessment
TRUCS Gold O&M Assessment is a special assessment of the O&M capabilities of cloud service providers that have earned TRUCS certification. HUAWEI CLOUD has earned TRUCS Gold O&M Assessment, indicating that HUAWEI CLOUD has a sound, fully featured O&M management system that meets the standards required for authoritative cloud service operations and maintenance assurance in China.
/2xMTCS.png){kind=icon}
/2x等保.png){kind=icon}
/2x网信办网络安全审查.png){kind=icon}
/2xITSS.png){kind=icon}
