Regulations on the Security Protection of Key Information Infrastructure; Implemented Today! ZDATA Constructs Infrastructure Security Barrier

The "Regulations on the Security Protection of Critical Information Infrastructure" (referred to as the "Regulations") is the first administrative regulation in China specifically for the security protection of key information technology facilities. It provides detailed provisions on critical issues such as the scope definition, authorization recognition, and responsibility mechanism for critical information infrastructure. The Regulations serve as a refinement and implementation of relevant sections of the previously released "Cyber Security Law" and represent a significant milestone in the country's efforts to safeguard network security and information security.

The scope of critical information infrastructure includes important industries and sectors such as public communication and information services, energy, transportation, water conservancy, finance, public services, e-government, and defense technology industries. It also includes other important network facilities and information systems that, once damaged, lose functionality, or experience data leakage, may seriously endanger national security, the national economy, public interests, and other critical areas.

Data centers, as part of the mentioned information systems, are also included within the scope of the Regulations. This implies that ensuring the security of critical information infrastructure is no longer solely a business agreement between data center operators and customers but has become a legal responsibility for operators. Therefore, enhancing awareness, capabilities, and levels of security protection for critical information infrastructure has become a crucial element and winning strategy for data center operators to promote digital economic development and solidify the foundation of digital security.

ZDATA has been committed to cultivating a culture of security, considering the continuous and stable operation of the data center as a mission and commitment. Since the centralized operation of data centers, ZDATA has established a framework and processes for information security and risk management, taking into account the development strategy and business characteristics of data centers. Policies have been formulated for data center operation and maintenance, backup and recovery, emergency event handling, and information confidentiality. During key business activities such as customer events, ZDATA deploys comprehensive plans in advance, covering network, power supply, cooling, emergency response, communication channels, logistics support, and more. Rigorous inspections and drills are conducted, achieving 24/7 standby and maintaining a record of zero failures to date.

With the implementation of the Regulations, ZDATA will continue to actively align with the Regulations, the Cyber Security Law, and other legal regulations. It will shoulder security compliance obligations and responsibilities, construct a comprehensive data security defense system across security organization, strategy, technology, and operations. By enhancing cloud infrastructure service capabilities, ZDATA aims to build a security barrier for critical infrastructure, serving government and enterprise users.