The compliance check feature in Security Center lets you perform a classified protection compliance check and an ISO 27001 compliance check. Use this feature to assess whether your system meets the requirements for China's classified protection standard and the ISO 27001 international standard for information security management.
Background
On December 1, 2019, a series of standards, including the Basic Requirements for Classified Protection of Cybersecurity (GB/T 22239-2019 Information Security Technology), took effect. Implementing the classified protection scheme is a key responsibility for all enterprises and organizations. In addition to ensuring its own platform meets the foundational requirements, Alibaba Cloud provides the classified protection compliance check feature to help you implement the classified protection scheme more quickly, efficiently, and consistently. This enhances the security of your business systems that run on the cloud.
ISO 27001 is the international standard for information security management systems. ISO 27001 certification signifies that an organization's information security practices are internationally recognized, demonstrating its ability to provide secure and reliable information services to customers. Security Center offers the ISO 27001 compliance check feature to help you achieve this certification.
Classified protection compliance check
The classified protection compliance check provides comprehensive security checks for your communication network, regional boundaries, compute environment, and management center. Use this feature to verify that your system meets classified protection requirements and to promptly identify and address security risks.
Log on to the Security Center console. In the left-side navigation pane, choose .
Optional: Above the Security Compliance Check tab, on the right side of the Alibaba Cloud Public Cloud Classified Protection Compliance Whitepaper 2.0 message, click the link to submit a document download request for the classified protection 2.0 solution package provided by Security Center.
On the Best Practices for Hierarchical Protection page, fill in the required information and submit the form. Approval takes two to four business days, after which the classified protection 2.0 solution package will be sent to your email address.
Note: The classified protection 2.0 solution package includes the following materials:
Free professional guidance from Alibaba Cloud security architects
Classified protection 2.0 solution presentation
Sales licenses for security products
Alibaba Cloud platform classified protection filing certificate
Classified protection assessment report
Alibaba Cloud Public Cloud Classified Protection Compliance Whitepaper 2.0, which describes how Alibaba Cloud helps customers build a security compliance system based on classified protection.
On the Security Compliance Check tab, view the check result statistics.
View the total number of check items and non-compliant items
In the Total Check Items and Non-compliant Items sections, view the total number of check items supported for classified protection compliance and the number of non-compliant items, respectively. You can click the number in the Non-compliant Items section to view the list of non-compliant check items.
Best Practices for Hierarchical Protection
Alibaba Cloud provides a security solution for classified protection compliance 2.0 to help you pass the classified protection assessment. You can click View Classified Protection Best Practices in the Best Practices for Hierarchical Protection section to learn more about the security solution.
Online consultation for classified protection
Click Consult next to Contact Us to open a chat window and ask questions about classified protection. This service is available from 09:00 to 17:00 on weekdays.
Host Configuration Check
Click Click here to configure to open the Baseline Check page, where you can view and handle baseline issues on your assets. For more information, see View and handle baseline check results.
Search for a specific check item
In the search box, filter by check item category and compliance status, or enter the name of a check item to view matching results.
Remediate non-compliant check items.
Follow the instructions under Improvement Suggestion to remediate non-compliant check items.
Note: The classified protection compliance check feature in Security Center assesses whether your system has the required security capabilities, such as access control and log audit. To pass the classified protection assessment, you must implement these capabilities and resolve all identified issues. For more information about classified protection, see Classified Protection Compliance 2.0 Security Solution.
ISO 27001 compliance check
You do not need to run an ISO 27001 compliance check manually. Security Center automatically runs a check and displays the latest results each time you visit the ISO 27001 compliance check page.
Log on to the Security Center console. In the left-side navigation pane, choose .
On the ISO 27001 Compliance Check tab, view the statistics and the list of check results.
If this is your first time using Security Center, click Authorize Now to grant Security Center access to your cloud resources so it can perform the ISO 27001 compliance check.
You can perform the following operations:
View the total number of check items and non-compliant items
In the Total Check Items and Non-compliant Items sections, view the total number of check items and the number of non-compliant items for the ISO 27001 compliance check.
View compliant, non-compliant, or in-progress check items
In the search box, set the search filter to Compliant, Non-compliant, or In Progress to view the corresponding list of check items.
Remediate non-compliant check items.
Follow the instructions under Improvement Suggestion to remediate non-compliant check items.
The ISO 27001 compliance check in Security Center assesses whether your system meets certification requirements in areas such as asset management, access control, cryptography, and operational security. Remediate any non-compliant items promptly.