BaishanCloud has recently passed the international authoritative certification standards and obtained the SOC 2 Type 2 certification report issued by a global accounting firm. After receiving the SOC 2 Type 1 report in March 2021, BaishanCloud recently received the SOC 2 Type 2 report. This certification highlights BaishanCloud’s determination to build a security system as an innovative edge cloud service provider and Baishan’s powerful capabilities in cloud product security.
The SOC (System and Organization Controls) standard is an industry service standard formulated by the American Institute of Certified Public Accountants (AICPA). It mainly focuses on the internal control system and security control process of cloud service providers. This standard has been widely recognized at home and abroad and has become an essential reference for enterprises when selecting service providers. Compared with the Type 1 report, the Type 2 report requires audit institutions to continuously assess the effectiveness of enterprise security measures over time, which fully demonstrates BaishanCloud’sstrength in the field of enterprise internal control and cloud product security system construction.
In building the global edge cloud platform, BaishanCloudhas thoroughly considered the principles of security, availability, and confidentiality in the design of product architecture and functions. Based on the concept of SASE and zero trust, BaishanCloud integrates industry-leading technologies such as Web Application Firewall, Anti-DDoS, Bot Management, enabling cloud security products and services to effectively respond to threats, including injection attacks, cross-site scripting attacks, and malicious scanning induce and capture abnormal accesses, and avoid the resource exhaustion at origin site due to DDoS and CC attacks, and achieve full coverage of cloud, network, edge, and end security capabilities.
Relying on edge networks worldwide, BaishanCloud has created highly available, high-performance, and highly scalable CDN, SD-WAN, and other infrastructure services. Through anti-theft chain technologies such as Referer, timestamp, header, cookie, and back-to-origin authentication, and with multiple security strategies and technologies, BaishanCloud effectively solves the problem of network congestion while also providing a solid guarantee for enterprise business and data security as well as the protection and stability of access requests.
Guarding data security requires not only continuous iterative security capabilities and technologies but also strict control methods. BaishanCloud strictly implements relevant regulations in environment control, risk assessment, monitoring, vulnerabilities, security incidents and fault management, change management, capacity, data backup, and business continuity. With comprehensive security control procedures and technologies, BaishanCloud effectively protects company’s and users’ information security.
At present, BaishanCloud has obtained the Information Security Management System Certification (ISO27001), the Privacy Information Management System Certification (ISO27701), the Ministry of Public Security Level 3, and other security compliance certifications such as the Trusted Cloud Certification of the Institute of Information and Communications Technology. In July 2021, the Baishan Canvas platform was awarded the advanced level of SASE maturity capability and passed the zero-trust security capability assessment.
BaishanCloud will continue to improve the security control system, strictly implement relevant management and control activities, deeply cultivate SASE and zero-trust technology, integrate security, availability, and confidentiality into cloud product development concepts, and strive to build safe and reliable edge cloud services. With the digital transformation of enterprises, BaishanCloud will also continue to improve the security capabilities of cloud products, provide more enterprises with solutions in different application scenarios, empower customers with technology, and assist enterprises in their digital transformation.