News and trends > News details

JD Cloud Built a Full-Scenario Cloud Computing Security Protection System and Released White Paper on Cybersecurity Multi-level Protection Compliance Capability

2019-12-25

Abstract
The release of the national standards on multi-level protection of information security scheme (MLPS) 2.0 marks a new era in the multi-level protection of national cybersecurity. As a cloud intelligent manufacturer with the most industrial attributes, JD Cloud will take initiative to cause the security system to comprehensively satisfy the national standards on multi-level protection scheme 2.0 and other applicable laws and regulations, and focus on building the new generation full-scenario cloud computing security protection system featured with active defense, overall prevention and control, precise protection, and intelligent evolution.

Recently, JD Cloud released the White Paper on Cybersecurity Classified Protection Compliance Capability (hereinafter referred to as the White Paper). The White Paper, according to the 2.0 related requirements for cybersecurity classified protection of Information Security Technology-General Requirements for Classified Protection of Cybersecurity (GB/T 22239--2019), and Information Security Technology- Evaluation Requirements for Classified Protection of Cybersecurity (GB/T25070-2019), elaborates on the cybersecurity classified protection compliance service system for cloud computing service in combination with the security technology and management advantages of JD Cloud.


The White Paper elaborates on cloud computing service mode, security compliance responsibility division, cloud security compliance capability assessment, typical application scenarios of JD Cloud, security compliance architecture configuration, etc. By virtue of the White Paper, relying on the security capability, cloud product capability and cloud security product service capability of JD Cloud Platform, and in combined with their own business applications and security protection capability for data protection, cloud service customers can quickly obtain the security compliance requirements under different cloud computing modes, building their security compliance systems for their cloud service customer business system that meet the cybersecurity classified protection.


Currently, the cybersecurity classified protection system in China has entered "Era 2.0". The cloud computing classified protection is an important innovation in Era 2.0 of cybersecurity classified protection. Users need to understand the distinction between on-cloud classified protection and traditional off-cloud classified protection, make full use of the technology advantages brought by cloud computing and IoT service model, re-use the compliance capability of cloud infrastructure, and let themselves focus more on their own business application system and data security protection.


Based on years of deep expertise in the field and continuous inputs in basic research, JD Cloud has provided multi-dimensional technical support capabilities in the field of cloud computing security. According to 2.0 Compliance Model for the cybersecurity classified protection of the Cloud Computing Platform, the security technology capabilities of JD Cloud Computing Platform and requirements related to 2.0 standards of cybersecurity classified protection are highly matched, with the security concept of "One Center, Triple Defense" of cybersecurity classified protection 2.0 as the core, forming a comprehensive cloud computing security protection capability from bottom to up to help users avoid threats and risks on cloud. nbsp;


modify1.jpg

Classified Protection Security Construction Framework of JD Cloud


  Network security is the lifeline of users' business. JD Cloud hopes to do its best to provide network security services focusing cloud computing application scenarios and on-cloud user application systems to escort users for their cloud network security by building an active security protection system and with its cloud technology capability. " JD Cloud represented.


JD Cloud always attaches great importance to the construction of compliance qualification, continues to improve the standard certification system, and is committed to providing customers with comprehensive security compliance supports. JD Cloud has successively obtained multiple security compliance qualifications, such as ISO Information Security Management System International Certification, "Level III Classified Protection Certification of Information System Security" from Ministry of Public Security of the People's Republic of China, "Trusted Cloud Service Certification" from China Academy of Information and Communications Technology, "Standard Compliance Certificate of Cloud Computing Service Ability" from Ministry of Industry and Information Technology, PCI DSS Payment Card Industry Data Security Standard Certification, CSA STAR Cloud Security Certification, C STAR Cloud Computing Security Assessment Certification.


The release of the national standards on multi-level protection of information security scheme (MLPS) 2.0 marks a new era in the multi-level protection of national cybersecurity. As a cloud intelligent manufacturer with the most industrial attributes, JD Cloud will take initiative to cause the security system to comprehensively satisfy the national standards on multi-level protection scheme 2.0 and other applicable laws and regulations, and focus on building the new generation full-scenario cloud computing security protection system featured with active defense, overall prevention and control, precise protection, and intelligent evolution. JD Cloud will help cloud users in various industries build information-based systems for security compliance through secure and reliable leading products and solutions and professional network security services. At the same time, JD Cloud also hopes to work hand in hand with the government and enterprises to promote the construction of network security system with all industries, help the security compliance of its on-cloud business system, and build a security compliance system for the development of digital economy.