Updated on 2024-11-08 GMT+08:00

Shared Responsibilities

Huawei guarantees that its commitment to cyber security will never be outweighed by the consideration of commercial interests. Huawei Cloud has developed a comprehensive cloud service security assurance system to address the growing challenges and threats of cloud security. This system is tailored to different regions and industries and leverages Huawei's unique software and hardware advantages, as well as compliance with laws, regulations, industry standards, and security ecosystem.

Figure 1 illustrates the responsibilities shared by Huawei Cloud and CCE users.
  • Huawei Cloud: Ensure the security of cloud services and provide secure clouds. Huawei Cloud's security responsibilities include ensuring the security of our IaaS, PaaS, and SaaS services, as well as the physical environments of the Huawei Cloud data centers where our IaaS, PaaS, and SaaS services operate. Huawei Cloud is responsible for not only the security functions and performance of our infrastructure, cloud services, and technologies, but also for the overall cloud O&M security and, in the broader sense, the security and compliance of our infrastructure and services.
  • Tenant: Use the cloud securely. Tenants of Huawei Cloud are responsible for the secure and effective management of the tenant-customized configurations of cloud services including IaaS, PaaS, and SaaS. This includes but is not limited to virtual networks, the OS of virtual machine hosts and guests, virtual firewalls, API Gateway, advanced security services, all types of cloud services, tenant data, identity accounts, and key management.

Huawei Cloud Security White Paper outlines the strategies and measures used to establish a secure cloud. It covers a range of topics, including the cloud security strategies, the shared responsibility model, compliance and privacy, security personnel and organizations, infrastructure security, tenant service and security, engineering security, O&M security, and ecosystem security.

Figure 1 Shared security responsibility model