Security Compliance

HUAWEI CLOUD has inherited the complete Huawei management system as well as the IT system building and operation experience. Integration and O&M of cloud services are proactively managed and continuously optimized.

HUAWEI CLOUD is responsible for the security of underlying infrastructures, and users are responsible for the security of applications and purchased OSs deployed in clouds. HUAWEI CLOUD can assist users with required compliance certification.

HUAWEI CLOUD services and platforms have received the following certifications:

  • ISO 27001:2013 ISO 27001:2013

    ISO 27001 is a widely used international standard that specifies requirements for information security management systems. Based on periodic risk evaluation, this standard provides a method for assessing systems that manage company and customer information.

  • Classified Cybersecurity Protection of China's Ministry of Public Security Classified Cybersecurity Protection of China's Ministry of Public Security

    Classified Cybersecurity Protection issued by China's Ministry of Public Security is used to guide organizations in China through cybersecurity building. Currently, it has become the general security standards widely followed by various industries in China. HUAWEI CLOUD has passed the registration and assessment of Classified Cybersecurity Protection Class 3. Key regions and nodes of HUAWEI CLOUD have passed the registration and assessment of Classified Cybersecurity Protection Class 4.

  • ISO 20000-1:2011 ISO 20000-1:2011

    ISO 20000 is an international standard for information technology service management system (SMS). It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS to make sure CSP can provide effective IT services to meet the requirements of customers and business.

  • SOC SOC

    The SOC audit report is an independent audit report issued by a third-party audit institution based on the relevant guidelines developed by the American Institute of Certified Public Accountants (AICPA) for the system and internal control of outsourced service providers.

  • ISO 27018:2014 ISO 27018:2014

    ISO 27018 is the first international code of conduct that focuses on personal data protection in the cloud. This certification indicates that HUAWEI CLOUD has a complete personal data protection management system and is in the global leading position in data security management.

  • PCI DSS Certification PCI DSS Certification

    Payment Card Industry Data Security Standard "PCI DSS" is the global card industry security standard, which is established by five major international payment brands, JCB, American Express, Discover, MasterCard and Visa. It is the most authoritative and strictest financial institution certification in the world.

  • CSA STAR Gold Certification CSA STAR Gold Certification

    CSA CSA STAR certification was developed by the Cloud Security Alliance (CSA) and the British Standards Institution (BSI), an authoritative standard development and preparation body as well as certification service provider worldwide. This certification aims to increase trust and transparency in the cloud computing industry and help cloud computing service providers show their service maturity.

  • TRUCS TRUCS

    Trusted Cloud Service (TRUCS) is one of the most authoritative certification in the public area in China. This certification shows that HUAWEI CLOUD complies with the most detailed certification standard for cloud service data and service assurance in China.

  • Gold O&M Gold O&M

    The Gold O&M certification is designed to assess the O&M capability of cloud service providers who have passed trusted cloud certification. This certification shows that HUAWEI CLOUD services have a sound O&M management system that meets the cloud service O&M assurance requirements specified in Chinese certification standards.

  • Certification for the Capability of Protecting Cloud Service User Data (TRUCS) Certification for the Capability of Protecting Cloud Service User Data (TRUCS)

    This certification is the first evaluation mechanism for cloud service user data security in China after Cybersecurity Law took effect. HUAWEI CLOUD passed this certification in the first batch.

  • ITSS Cloud Computing Service Capability Evaluation by the Ministry of Industry and Information Technology (MIIT) ITSS Cloud Computing Service Capability Evaluation by the Ministry of Industry and Information Technology (MIIT)

    ITSS cloud computing service capability evaluation is based on national standards such as General Requirements for Cloud Computing and Cloud Service Operations. It is the first hierarchical evaluation mechanism in the cloud service/cloud computing field in China. Huawei private cloud and public cloud have obtained the Level-2 compliance certificate of the cloud computing service capability, and Huawei becomes one of the few "dual-crowned vendors".

  • Cloud Service Security Certification - Cyberspace Administration of China (CAC) Cloud Service Security Certification - Cyberspace Administration of China (CAC)

    This certification is a third-party security review conducted by the Cyberspace Administration of China according to the national standards Requirements for Cloud Computing Service Security Capabilities. HUAWEI CLOUD e-Government Cloud Service Platform has passed the security review (enhanced level), indicating that Huawei e-Government cloud platform was recognized in terms of security and controllability by the national top cyber security management organization.

  • International Common Criteria EAL 3+ Certification International Common Criteria EAL 3+ Certification

    CC certification is a highly recognized international standard for information technology products and system security. HUAWEI CLOUD FusionSphere has passed CC EAL 3+ certification, indicating that HUAWEI CLOUD software platform was highly recognized worldwide.