Alibaba Cloud Object Storage Service (OSS) provides robust security features and meets multiple compliance standards. It supports server-side encryption, client-based encryption, whitelists for hotlink protection, and fine-grained access control. OSS provides comprehensive data protection to meet your enterprise security and compliance requirements.
Item | Description |
OSS supports client-based encryption and server-side encryption. You can also set the TLS version to enhance the security of HTTPS transmissions that use SSL/TLS. This effectively prevents potential security risks for your data in the cloud. | |
OSS supports multiple data consistency verification mechanisms, such as ETag and cyclic redundancy check (CRC). These mechanisms ensure data integrity during uploads, downloads, and storage. This helps detect and prevent data corruption or loss during transmission and storage. | |
OSS provides a content moderation feature to scan stored images for prohibited content, such as content related to pornography, politics, terrorism, or violence. OSS also supports a malicious file detection feature to scan your stored data for threats from malicious files, such as web shells, ransomware, and trojans. | |
If an OSS bucket is attacked or used to share illegal content, OSS automatically moves the bucket into a sandbox. This prevents other buckets from being affected. | |
OSS DDoS protection provides a service to defend against DDoS attacks on your object storage. It effectively mitigates high-traffic malicious attacks, ensuring service availability and data security. | |
OSS holds multiple compliance certifications, such as the Cohasset Associates audit, FINRA 4511, CFTC 1.31, ISO, BS10012, and CSA STAR, to meet various compliance requirements. | |
OSS provides a compliance guide to help developers protect the personal information of end users. This guide helps prevent violations of end-user rights when using third-party SDKs. Developers can use this guide for self-assessment and proper configuration when integrating the Object Storage Service software development kit (SDK) to meet regulatory requirements. |