Shared Responsibility

Huawei Cloud guarantees that its commitment to cyber security will never be outweighed by the consideration of commercial interests. To address emerging challenges to cloud security and pervasive cloud security threats and attacks, Huawei Cloud builds a comprehensive security system that is compliant with laws, regulations, and industry standards for cloud services in different regions and industries, by leveraging Huawei's security ecosystem and unique advantages in software and hardware.

Figure 1 shows the responsibilities shared by you (tenants) and Huawei Cloud.

• Huawei Cloud: Ensures the security of cloud services. Huawei Cloud is responsible for the security of its IaaS, PaaS, and SaaS cloud services, as well as the physical environments of the Huawei Cloud data centers where these services are deployed. Huawei Cloud is committed not only to the security and performance of its infrastructure, cloud services, and technologies, but also to the overall cloud O&M security and, more broadly, the security compliance.
• Tenants: Ensure secure use of cloud services. Your responsibility is to use the IaaS, PaaS, and SaaS cloud services securely, and effectively manage the security configurations you have customized for virtual firewalls, API gateways, advanced security services, cloud services, user data, identity and key management, and the operating systems for virtual networks, virtual hosts, and guest virtual machines (VMs).

The Huawei Cloud Security White Paper details the ideas and measures for building Huawei Cloud security system, including cloud security strategies, shared responsibility model, security compliance and privacy protection, security organization and personnel, infrastructure security, tenant services and security, engineering security, O&M security, and ecosystem security.

Figure 1 Shared responsibility model of Huawei Cloud