Tencent Cloud

From LIMSWiki
Revision as of 22:32, 27 May 2021 by Shawndouglas (talk | contribs) (MSS)
Jump to navigationJump to search
Tencent Cloud
Industry Cloud computing, Web services
Founder(s) Ma Huateng
Zhang Zhidong
Xu Chenye
Chen Yidan
Zeng Liqing
Headquarters Shenzhen, Guangdong, China
Area served Worldwide
Key people Ma Huateng (CEO)
Products IaaS, PaaS, DBaaS, DaaS
Revenue $20.5 billion (Q4 2020)[1]
Website intl.cloud.tencent.com


Tencent Cloud is a collection of public, private, hybrid, and multicloud cloud computing services offered by Tencent, a Chinese multinational technology conglomerate. Tencent Cloud deploys to an unknown number of data centers in 27 regions and 62 availability zones around the world.[2] More than 70 different products and services are associated with Tencent Cloud, representing elastic computing, networking, content delivery, data storage, database management, security management, enterprise management, data analysis, container and middleware management, developer support, blockchain management, media management, and artificial intelligence.[2]


Provider research

This section uses public information to provide some answers to the 18 questions posed in Chapter 5 of the wiki-based guide Choosing and Implementing a Cloud-based Service for your Laboratory. In some cases, public information could not be found, and a recommendation to further discuss the question with the cloud service provider (CSP) is made.


1. What experience do you have working with laboratory customers in our specific industry?

Tencent Cloud has been implemented in the laboratories of the National Institute of Biological Sciences, Beijing[3], Shenzhen Technology University[4], Tsinghua University Institute of Biomedicine[5], and ZhongShan University.[3] It's not clear if any laboratory informatics vendors have turned to Tencent Cloud to host their SaaS solutions. A discussion with a Tencent Cloud representative is likely to be able to supply more examples of laboratories and laboratory informatics developers that use or have used Tencent Cloud.


2. Can your solution readily integrate with our other systems and business processes, making it easier for our end users to perform their tasks?

It will ultimately be up to your organization to get an answer from Tencent tailored to your systems and business processes. However, this much can be said about Tencent Cloud integrations. Tencent Cloud doesn't discuss integration approaches extensively, but it does make reference to its API, which "can greatly improve efficiency in performing frequently called functions, and different APIs can be combined to achieve more advanced features, easier automation and remote call as well as higher compatibility." They add that "Tencent Cloud provides an [software development kit] compatible with multiple languages that uniformly encapsulates the APIs of all of its products, allowing you to integrate Tencent Cloud services into your applications, databases or automation scripts with greater efficiency and convenience."[6]


3. What is the average total historical downtime for the service(s) we're interested in?

Little public information is made available about historic outages and downtime. You'll largely have to ask this of Tencent and see what response they give you. Tencent has demonstrated a desire to maintain a high level availability, stating "[t]he Service Availability Across Availability Zones in A Single Region of the Service provided by Tencent Cloud will be no less than 99.995%."[7] You may wish to consult a Tencent Cloud representative on the historic downtime of its solutions. That said, data losses have been reported in 2018[8], though no downtime or outage reports could be found.


4. Do we receive comprehensive downtime support in the case of downtime?

Tencent Cloud does not make this answer clear. However, the answer is likely tied to what after-sales support plan you choose. Confirm with Tencent Cloud what downtime support they provide based on the services your organization are interested in.


5. Where are your servers located, and how is data securely transferred to and from those servers?

Tencent Cloud has 61 availability zones spread across 26 regions made up of China, the United States, South America, Europe, Asia Pacific and other areas. Tencent Cloud uses its Content Delivery Network to "store your content based on caching policies. When a user makes a content request, it will be routed to the node closest to the user, reducing access delay and improving availability."[9] As for data transfer, Tencent Cloud has tools like Data Transfer Service to "securely and easily migrate your database onto the cloud."[10] As for the security of data in transit across servers, Tencent Cloud says little on their website. You'll have to discuss security for data in transit with a representative.


6. Who will have access to our data (including subcontractors), and what credentials, certifications, and compliance training do they have?

In its security whitepaper, Tencent addresses data management personnel and their training in the context of physical security in a few ways[11]

  • "Each data center has strict infrastructure and environment access controls based on different levels of regional security requirements. According to the data center personnel category and access rights, a complete personnel access control matrix is established in the access control authorization system to effectively control the access and operation behavior of various personnel in the data center."
  • "Tencent Cloud also requires all data center operators and builders to have the corresponding work qualifications and experience, and conducts regular security awareness and ability training for relevant personnel."
  • "Tencent Cloud also requires all data center personnel to regularly receive business continuity drill training to ensure the implementation of data center infrastructure security is effective."

For more information about the specific personnel who may have access to your data, discuss this with a Tencent representative.


7. Will our sensitive and regulated data be stored on a machine dedicated to complying with the necessary regulations?

Not all Tencent Cloud machines have the same controls on them; it will depend on the region, product, and compliance requirements of your lab. That said, verify with a representative that the machine your data will land on meets all the necessary regulations affecting your data.


8. How segregated is our cloud data from another customer's, i.e., will lapses of security of another customer's cloud affect our cloud? (It typically won't, but asking the question will hopefully prompt the provider to better explain how your data is segregated.)

Tencent appears use standard virtual machines, hypervisors, and network isolation rules for logical separation.[11] Although it's not 100 percent clear, it appears Tencent Cloud may also has bare metal (physical separation) options in the form of Cloud Physical Machines, "an on-demand physical server rental service provided on a pay-by-usage basis, designed to offer high-performance, securely isolated physical clusters dedicated to cloud."[12] For further information, discuss the topic with a Tencent Cloud representative.


9. Do you have documented data security policies?

Tencent Cloud documents its security practices in several places:

Some security-related documents, like the SOC 2 report, may not be publicly available, requiring direct discussion with a Tencent Cloud representative to obtain them.


10. How do you test your platform's security?

The Tencent website and documentation doesn't appear to even mention penetration testing or red team exercises. It makes reference to its Security Operations Center for customers, but it doesn't appear to talk about its own internal testing. A conversation with a Tencent representative will be necessary to learn more.


11. What are your policies for security audits, intrusion detection, and intrusion reporting?

Audits: Tencent gives several tools for customers to test the security of their own accounts, including CloudAudit. As for its own security audits, Tencent is audited by the SOC[13], though it's not clear at what frequency. A discussion of Tencent's internal security audits will be necessary, along with requests for their SOC reports.

Intrusion detection and reporting: Tencent Cloud provides a tool called Cloud Workload Protection, which "leverages the massive amount of threat data accumulated by Tencent Security and uses machine learning algorithms to provide security services such as intrusion detection and vulnerability alerts.[14] However, it's not clear if Tencent uses the same product internally for its own intrusion detection and alerts. This will be a question for a representative.


12. What data logging information is kept and acted upon in relation to our data?

The company says that "Tencent Cloud keeps detailed logs of all operations in both internal and external management systems for effective risk traceability."[15] However, it gives no further details. A discussion with a Tencent representative will be required to learn more about this topic.


13. How thorough are those logs and can we audit them on-demand?

While information is provided about customers viewing their own logs via solutions such as Cloud Log Service, no information appears to be provided about how customers can view internal logs collected by Tencent on their own infrastructure. You'll have to discuss this with a Tencent representative.


14. For HIPAA-eligible data (e-PHI) we may have, will you sign a business associate agreement?

Tencent states that they release "self-assessment reports for HIPAA compliance, which explain its ability to protect users' personal information and the effectiveness of the control measures taken."[16] However, they make no mention of a business associate agreement in their documentation. You'll have to discuss this topic with a representative.


15. What happens to our data should the contract expire or be terminated?

After scanning the terms of service and general service level agreements, no information was found concerning what happens to your data. Those or other documents may make reference to that information, but it was unable to be found if it exists. Consult with a Tencent representative to get a clear picture of what happens to your data after contract expiration or termination.


16. What happens to our data should you go out of business or suffer a catastrophic event?

"Tencent Cloud has the unique all-purpose placement cluster, which not only provides multiple availability zones in the same region, but also three-layer disaster recovery across physical machines, racks, and switches in an availability zone. Therefore, it has comprehensive disaster tolerance."[11]


17. Can we use your interface to extract our data when we want, and in what format will it be?

Tencent discusses data extraction in in the context of material stored in your Cloud Object Storage, where "you can extract data from individual files stored in buckets using the standard SQL templates we provide or by specifying statements that comply with syntax rules."[17] They also make reference to data extraction in some of its other products. Little is said about the format the data will be in, however. Discuss this with a Tencent representative.


18. Are your support services native or outsourced/offshored?

It is unclear if support personnel are local to the customer or if support is outsourced to another business and country. Discuss this with a Tencent Cloud representative.


Managed security services

Tencent Cloud doesn't appear to provide managed security services for customers.


Additional information

Documentation and other media

External links

References

  1. "Tencent Announces 2020 Fourth Quarter and Annual Results". PRNewswire. 24 March 2021. https://www.prnewswire.com/news-releases/tencent-announces-2020-fourth-quarter-and-annual-results-301254728.html. Retrieved 29 April 2021. 
  2. 2.0 2.1 "Tencent Cloud Global Infrastructure". Tencent. https://intl.cloud.tencent.com/global-infrastructure. Retrieved 29 April 2021. 
  3. 3.0 3.1 Lau, S.Y. (2020). "“Leveraging ICTs and Digital Government for Innovative Solutions to Address the COVID-19 Pandemic Responses in Africa" (PDF). United Nations. http://www.unpog.org/file/download.asp?sn=345. Retrieved 18 April 2021. 
  4. Leah; Brian (17 May 2019). "SZTU, Tencent join hands in establishing college and laboratories". Shenzhen Technology University. https://english.sztu.edu.cn/info/1004/1186.htm. Retrieved 18 April 2021. 
  5. Feifei, F. (28 September 2020). "Tsinghua University, Tencent sign in-depth cooperation agreement". ChinaDaily.com. https://www.chinadaily.com.cn/a/202009/28/WS5f71da3fa31024ad0ba7c6d8.html. Retrieved 18 April 2021. 
  6. "TencentCloud API". Tencent. https://intl.cloud.tencent.com/product/api. Retrieved 18 April 2021. 
  7. "CVM Service Level Agreement". Tencent. 1 November 2020. https://intl.cloud.tencent.com/document/product/301/30393. Retrieved 18 April 2021. 
  8. Qianqian, D. (7 August 2018). "Media Firm Demands USD1.6 Million From Tencent Over Cloud Data Loss". Yicai Global. https://www.yicaiglobal.com/news/media-firm-demands-usd16-million-from-tencent-over-cloud-data-loss. Retrieved 18 April 2021. 
  9. "Product Overview". Tencent Cloud Documentation - Content Delivery Network. Tencent. 12 June 2020. https://intl.cloud.tencent.com/document/product/228/2939. Retrieved 18 April 2021. 
  10. "Data Transmission Service". Tencent. https://intl.cloud.tencent.com/product/dts. Retrieved 18 April 2021. 
  11. 11.0 11.1 11.2 "Tencent Cloud Security White Paper" (PDF). Tencent. June 2019. https://main.qcloudimg.com/raw/ea77661307adc3825990e159d851d406.pdf. Retrieved 18 April 2021. 
  12. "Brief". Tencent Documentation. Tencent. 9 May 2017. https://intl.cloud.tencent.com/document/api/386/7031. Retrieved 18 April 2021. 
  13. "SOC Audit". Tencent. 19 March 2021. https://intl.cloud.tencent.com/document/product/363/11543. Retrieved 21 April 2021. 
  14. "Product Introduction". Tencent Cloud Documentation - Cloud Workload Protection. Tencent date=27 February 2020. https://intl.cloud.tencent.com/document/product/296/2221. Retrieved 21 April 2021. 
  15. "Notes on Information Security". Tencent Cloud Documentation - TencentDB for MariaDB. Tencent. 9 March 2021. https://intl.cloud.tencent.com/document/product/237/7478. Retrieved 21 April 2021. 
  16. "HIPAA". Tencent Cloud Documentation - Compliance. Tencent. 19 February 2020. https://intl.cloud.tencent.com/document/product/363/34541?lang=en. Retrieved 21 April 2021. 
  17. "Data Extraction". Tencent Cloud Documentation - Cloud Object Storage. Tencent. 28 December 2020. https://intl.cloud.tencent.com/document/product/436/32538. Retrieved 21 April 2021.