Enterprise Security on Alibaba Cloud
The security services on Alibaba Cloud reduce the heavy lifting required to tackle key enterprise security challenges in the cloud, and each of these challenges can be solved with the use of one or multiple Alibaba Cloud security services and products.
For improved application security, use DDoS mitigation, web application protection, the centralized security operations interface, and the application data protection services.
Web Application Protection
Centralized Security Operation
Application Data Protection
Data security is enhanced by data encryption with proper key management, data integrity, and data recovery services.
Platform security is made possible by reliable physical security in cloud datacenters, hardware security in server infrastructures, and virtualization security.
A U T H E N T I C A T I O N
A U T H O R I Z A T I O N
A C C E S S C O N T R O L
L O G G I N G & A U D I T I N G
How It Works
Application Security is the first line of defense to protect a customer’s application. This important line provides DDoS mitigation, web endpoint protection, centralized security operations, and application data protection, including data discovery, data masking and DLP, to prevent attacks and intrusions against internet-facing cloud applications and ensure the safety of sensitive application data. Alibaba Cloud security capability specifically provides the following related security products.
Anti-DDoS Premium Service
Helps customers mitigate high-volume DDoS attacks from the internet.
Web Application Firewall (WAF)
Filter out massive numbers of malicious intrusions to ensure application endpoint security.
Provides a comprehensive health check service that works to protect your cloud services from a variety of attacks.
Alibaba Cloud is committed to protecting the data security and privacy for every customer for their enterprise security. Alibaba Cloud helps customers manage and control data security throughout the data lifecycle with comprehensive services and capabilities to manage data encryption, data recovery, and key management.
Key Management Service (KMS)
KMS is a fully managed service that help enterprise customers create, delete, and manage encryption keys to protect data in the cloud.
Build-in Data Encryption in Multiple Products
All data at rest stored in Elastic Compute Service (ECS) Cloud Disk, Object Storage Service (OSS), RDS, and MaxCompute can be encrypted with AES256 server-side encryption or with KMS with the option to Bring Your Own Key (BYOK).
Platform security is a vital layer of enterprise security as the platform both directly involves physical and hardware security as well as the virtualization environment.
All data center facilities are configured with strict access control to ensure physical security, equipped with surveillance systems covering all the areas and passages, and staffed with security guards for 24*7 patrol.
To protect sensitive data and keys, Alibaba Cloud offers firmware baseline scanning, GPU instance protection, secure BIOS update, BMC firmware protection, and a chip-level trusted execution environment.
Virtualization technology can help customers ensure isolation between multiple tenants in a cloud computing environment. Namely, we offer virtualization isolation in computing, network, storage resources.
Alibaba Cloud account authentication and authorization support two-level account credentials, namely Alibaba Cloud account and individual Resource Access Management (RAM) user account, for easy separation of duties, multi-factor authentication (MFA), fine-grained authorization control, and temporary authorization tokens.
Our access control capabilities with RAM access management are built in as standard capabilities to most cloud services.
ActionTrail help customers easily log and audit all user access to their cloud services and resources, quickly diagnose threats.
Operational records from ActionTrail can help meet customers’ compliance audit requirements.
Maintenance operations on production system can only be performed with bastion hosts. The entire operation process is recorded in logs in real time.
Alibaba Cloud adheres to domestic and international information security standards, as well as industry requirements. We also engage with independent third parties to verify the compliance of Alibaba Cloud according to various requirements. Certified by more than 10 agencies across the globe, Alibaba Cloud is a cloud service provider with the most complete range of certifications in Asia to ensure your enterprise security.
Learn More >
Alibaba Cloud and its customers are jointly responsible for the security of customers' applications built on Alibaba Cloud. With security responsibilities shared between Alibaba Cloud and its customers, Alibaba Cloud provides a secure infrastructure to decrease the enterprise security burden of customers. As such, customers can configure and use cloud products in a secure manner, thus relieving much of the underlying security burdens while allowing customers to focus more on their core business needs.
Read More >
Alibaba Cloud Security Ecosystem
In the spirit of cooperation and providing customers with more choices, Alibaba Cloud collaborates with security partners to establish security ecosystem and provide customers with industry-leading security solutions that are consistent with their existing deployed security control measures.
Alibaba Cloud has partnered with Fortinet to offer advanced multi-layer protection to secure your infrastructure, data, and applications on the cloud. Fortinet security solutions enable you to reduce risks even in dynamic networks.
Customer Success Stories
As the Official Cloud Services Partner to the Olympic Games and the infrastructure powering Alibaba, we provide high-performance cloud technology to help your business perform at its best.
By implementing Alibaba Cloud’s CDN and WAF services and working with Alibaba Cloud’s security professionals, AirAsia identified 90 percent of the traffic as Bots. Now, Alibaba Cloud provides Air Asia with weekly security reports and regular updates.
Founded in 1993 and headquartered in Malaysia, AirAsia is the largest airline in Malaysia and prides its self for its low-cost, high availability and superior customer service. Internationally, AirAsia is ranked as one of the world’s best low-cost airline. AirAsia operates scheduled domestic and international flights to more than 165 destinations spanning 25 countries.
Alibaba Cloud provides a comprehensive set of product portfolios ranging from IaaS, Big Data, AI, and Security to meet various use cases and needs of Tokopedia.
Tokopedia is an Indonesian technology company with a mission to democratize commerce through technology. It is the leading marketplace platform in Indonesia, empowering millions of merchants and consumers to participate in the future of commerce. Tokopedia’s vision is to build an ecosystem where everyone can start and discover anything with ease.
Become a Cloud Expert
A light-weight certification aims to help trainees to quickly understand a technique and learn how to use it as a practical skill.
Secure Your Data on Alibaba Cloud
Fully understand Alibaba Cloud's overall data protection solution.
Protect Your Web Application on Alibaba Cloud
Understand application security and common network attacks.
Cloud Platform Security Overview
Learn about Alibaba Cloud's security products line and their design strategy.
Alibaba Cloud Security Whitepaper - The China Gateway Version
Smart and Sound with Alibaba Cloud
Combatting Bots and Fraud
Protecting Your Data on the Cloud
Cybersecurity: Safeguard Your Business Data