Data Security and Privacy Protection Whitepaper

Data security is about engineering instead of a single point of technology. This is especially true for cloud vendors. Data protection engineering is a systematic task that requires meticulous design from the building of physical data centers and IaaS infrastructure, the automatic provision of PaaS and SaaS data protection capabilities, to the establishment of stringent fine-grained data security privileges, systems, and regulations, and is guaranteed by global compliance and qualification standards.

As the world’s leading cloud vendor, Alibaba Cloud is at the forefront of creating the most secure cloud environment, developing user trust, and ensuring that users around the world can enjoy the cloud safely. Alibaba Cloud has developed data risk convergence capabilities on the infrastructure and platform layers based on regions and zones. In addition, Alibaba Cloud provides users with native, highly automated, and transparent protection capabilities that focus on security, compliance, and privacy, and is committed to building a trustworthy and secure computing environment to facilitate the circulation and use of protected data.

This whitepaper introduces the Alibaba Cloud data and privacy protection framework, and elaborates how Alibaba Cloud achieves data security and privacy protection in different dimensions of the framework in the following content:

• Development of Alibaba Cloud Global Infrastructure
• Data Risk Convergence at the Infrastructure Layer
• Data Protection Tools on Alibaba Cloud
• How Alibaba Cloud Manages Data in the Cloud
• Users’ Rights and Obligations on Business Data in the Cloud
• How Alibaba Cloud Protects Personal Privacy Data
• Alibaba Cloud Complies with Security and Privacy Regulations