Compliance Frequently Asked Questions
Compliance Frequently Asked Questions
What security/privacy certificates has Huawei Cloud earned?
Huawei Cloud is committed to building secure and trusted cloud services. The infrastructure and services provided by Huawei Cloud have been assessed by authoritative, independent, third-party agencies and reviewed by the relevant certifying bodies.
Huawei Cloud is compliant with a wide range of international standards and practices, including:
• Security standards: ISO 27001, ISO 27017, CSA STAR, PCI DSS, PCI 3DS, ISO 27034, and NIST cyber security framework (CSF), and more
• Privacy standards: ISO 27018, ISO 27701, BS 10012, ISO 29151, and ISO 27799
• Other standards: ISO 22301 (for business continuity management), ISO/IEC 20000 (for IT service management),TL 9000 and ISO 9001 (for quality management), SOC 1, SOC 2, and SOC 3(for audit)
Learn more from Compliance Certificates in the Compliance Center.
Does Huawei Cloud periodically update certifications?
Yes. To respond to ever-changing cloud environments and services, we regularly review and update certificates in accordance with certification requirements to ensure our leading position in information security management and privacy protection.
Can I download a copy of these certificates?
Yes.
You can download certificates from the Trust Center. If you want to know what the certificates cover, or if you need assistance from Huawei Cloud when your business is being certified, you can apply for and download a copy of the certificates from the Download Compliance Certificates area.
What compliance services does Huawei Cloud provide to help me quickly obtain certificates?
Huawei Cloud keeps an eye on changes of laws and regulations and develops security services and one-stop security solution based on its extensive experience to help you comply with the business security requirements and quickly obtain required certificates. Take the Database Security Service (DBSS) as an example. It complies with the SOX, and PCI DSS, meeting your auditing requirements. You can use it to audit database, important user behavior, and security events of each and every user. In addition, DBSS provides compliance reports that meet data security standards (such as Sarbanes-Oxley).
Which Huawei Cloud services can help me comply with security and privacy regulations?
With strict R&D process controls in place, all Huawei Cloud services provide security and privacy features, including but not limited to encryption, deletion, and monitoring and response, that meet global laws and regulations.
How does Huawei Cloud protect my data subject rights?
Huawei Cloud provides a request channel and has a professional team to process the requests. The team quickly responds to and processes your requests, and notifies data subjects of the results.
If you have any questions, comments, or suggestions, please contact us through the customer service hotline. You can submit your request to us on the personal data subject page.
How does Huawei Cloud handle data leaks?
To address any personal data leaks, damages, or other losses, we have developed multiple regulations and control measures that specify the classification and grading standards of security incidents and security vulnerabilities, as well as the handling processes.
Additionally, we have set up a dedicated privacy protection team to disclose personal data breaches in a timely manner in accordance with applicable laws and regulations. We will carry out emergency plans and start recovery processes to reduce the impact on you.