The Cloud Security Alliance (CSA) leads the industry in offering cloud security-specific research, education, certification, events, and best practices.

CSA Security, Trust, Assurance, and Risk (CSA STAR) is a certification program jointly promoted by CSA and the British Standards Institution (BSI) to target the cloud industry. Based on the ISO/IEC 27001 standard and the Cloud Controls Matrix (CCM), CSA STAR uses the maturity model and assessment methods provided by BSI to comprehensively assess an organization's capabilities in cloud security management and relevant technologies.

In 2021, CSA updated the CCM from V3.0.1 to V4. The new version includes significant updates across 17 domains and 197 control objectives, including new requirements for the latest cloud technologies, control methods, and security responsibility matrix, improved accountability of control items, and enhanced interoperability and compatibility with other relevant standards. Huawei Cloud earned CSA STAR 2021 Gold Certification after several rounds of rigorous reviews.

The CSA STAR certification covers over 40 data centers belonging to Huawei Cloud globally, plus operation and maintenance services for them, including the provision of operation and maintenance services for Huawei Cloud data centers based on third-party IDCs, as well as those for Huawei Cloud's self-built data centers. You can download Huawei Cloud's CSA STAR certificate from Compliance Certificates.

The ISO/IEC 27001 certification covers over 150 Huawei Cloud services including, but not limited to, Advanced Anti-DDoS (AAD), Web Application Firewall (WAF), Data Encryption Workshop (DEW), and Database Security Service (DBSS). You can download Huawei Cloud's ISO/IEC 27001 certificate from Compliance Certificates.

If you would like to learn more about our products, please contact us.

Although Huawei Cloud has earned CSA STAR certification and provides you with secure and reliable cloud services on this basis, using services provided by Huawei Cloud does not certify your organization's compliance with CSA STAR. CSA STAR certification requires us to establish, implement, maintain, and continuously improve the operational security management system of our organizations based on the CSA STAR guidelines, standards, and best practices. You can invite an independent third-party certifying body to assess your own system and acquire certification for your organization.

Huawei Cloud has developed the "Huawei Cloud CSA CCM Compliance Guide" based on the Cloud Control Matrix (CSA CCM) released by the Cloud Security Alliance. This guide, in the form of a CAIQ self-assessment questionnaire, demonstrates to customers the efforts Huawei Cloud has made to enhance security in the cloud environment.

It helps customers understand:

The main content of CSA CCM, related certifications, and the role of CAIQ;Huawei Cloud's responses to the questions in the CAIQ self-assessment questionnaire.