On April 3 , 2018 , Alibaba Dingding announced that it has officially passed two authoritative security qualifications: SOC2Type1 service audit report and ISO27018 (privacy protection under public cloud system) certificate.
Dingdingfang revealed that this time it passed the SOC2 audit standard formulated by the American Institute of Certified Public Accountants (AICPA) , and the report was issued by the international audit firm PricewaterhouseCoopers.
In the SOC2Type1 report, Dingding passed the audit of the three principles of security, confidentiality and privacy, and passed the audit of the principle of privacy, and Dingding is the first company in China. It is understood that there are only a handful of companies around the world that have passed the SOC2 report of the Privacy Principles Audit, no more than five.
From this point of view, DingTalk's level of protection of user privacy data is not only far ahead in China, but also exceeds the first-class standard in the international market.
SOC report is Report on System and Organization Controls . The content framework and format of the report are formulated by the American Institute of Certified Public Accountants ( AICPA ) and are currently generally recognized by international SAAS providers as a report with auditing effects, providing assurance of system security for SAAS service provider customers.
It is understood that with the frequent outbreak of user privacy leaks at home and abroad, DingTalk has always regarded user privacy protection as the lifeline of its products. Luo Feng (named Jialu), head of DingTalk security, said that DingTalk has established a strict data security management and control system to strictly protect user privacy data. This time, the audit of the SOC2 report through the privacy principles also proves that DingTalk is very important for user privacy protection. technological leadership and full confidence.
Dingding's confidence in user data security and privacy protection also stems from the security of Alibaba's security department, which has more than 1,000 people behind it. It is understood that Ali's security system integrates big data risk prevention and attack and defense research, including anti-intrusion basic security, data security, application security, business security, security compliance, red and blue confrontation, offline project strikes, etc. Hundreds of petabytes of massive data are processed, calculated, analyzed and processed, and the three-dimensional defense-in-depth system has been continuously tempered in actual combat, and a comprehensive management mechanism such as account security, information protection, and anti-fraud has been established to prevent hackers and black and gray products from accusing DingTalk of user data. infringement.
According to industry insiders, enterprise-level products are mainly for enterprise users, and enterprises naturally have higher demands for business secrets and information security, which is also an important reason why enterprise-level software is safer than personal social software. As a leader in the domestic enterprise-level market, DingTalk is the first enterprise-level social product in China that has passed the ISO27001 : 2013 certification in the international information security field. The ISO27018 (Privacy Protection under Public Cloud System) certificate obtained this time also further proves Dingding's consistently strict standards for data security and privacy protection.
It is understood that there are more than 5 million enterprises and organizations on Dingding, including Fosun Group, China Unicom, Uni-President Group, Lianjia Real Estate, Didi Chuxing, Yuanda Technology, Xibei Catering, RT-Mart, Focus Media, and Sinopec Pipeline Many well-known companies in various industries, including storage and transportation companies, are using DingTalk.
政府部门尤其是公安系统,工作场景更为复杂,涉密性和安全性需求更高。据了解,钉钉还通过了中国公安部的“信息系统安全等级保护”三级认证,目前包括深圳交警、武汉市公安局、内蒙古交警等各地公安系统单位很多都在使用钉钉。多地警方表示,安全,是选择钉钉的首要原因。
其中最为典型的例子是公安部闻名的“团圆系统”,即公安部儿童失踪信息紧急发布平台,也是依托于钉钉平台建立组织架构,接入了全国6000多名打拐干警,连接了国内十几款流量最大的APP,专用于打拐反拐,被誉为中国版的“安珀警报”。
数据显示,团圆系统自2016年上线,截至2018年3月15日,“团圆”系统共发布的2767条失踪儿童信息,找回2694人,找回率达97.36%。
值得一提的是,在钉钉成为公安系统移动警务“标配”的同时,多地政府部门也在利用钉钉跨入移动办公时代。据新华社报道,2017年5月份开始,浙江决定在全省政务统一部署使用移动办公钉钉系统,提高行政决策效率。钉钉也成为2016年杭州G20峰会、2017年金砖国家厦门峰会安全保障的唯一沟通协同平台,为这些举世瞩目的盛会保驾护航。