Accountability and oversight
HPE helps you to improve accountability and oversight for security by helping you to identify and remediate your security, risk and compliance gaps.
Shared responsibility: Elevate edge to cloud security with a trusted partner
The HPE GreenLake security shared responsibility model considers a comprehensive view of the entire ecosystem and a clear delineation of where security responsibility lies—with you, with HPE, or with your colocation provider-and defined by resource location, usage, management, and operation.
HPE GreenLake platform
HPE is responsible for the security of the unified HPE GreenLake platform and the cloud and as-a-service solutions powering the hybrid cloud experience. The customer is responsible for user management.
HPE GreenLake infrastructure
HPE has primary responsibility for infrastructure security. HPE GreenLake is secured in the supply chain, with HPE Integrated Lights-Out, silicon root of trust, and subject to verification through zero trust attestation.
HPE GreenLake solutions
HPE responsibility across the range of HPE GreenLake Solutions varies depending on the services in the engagement. The customer is always responsible for the security of data within the hybrid cloud. This includes what data should be stored in the cloud, as well as how that data should be protected.
How HPE helps customers with compliancy
Managing compliance in a hybrid cloud environment is a complex task involving both the way the services are delivered as well as the way the services are consumed. It’s important to work with service providers who offer full transparency around the way that they address compliance and understand how this fits into an organizational framework.
Supporting customer questions
At HPE, we focus our compliance efforts on our internal environments (e.g. by applying best practices from the ISO 27001 and other frameworks), and platform/service compliance (e.g., with SOC2 attestations). In cases where the full scope of applicability is wider than the scope of the services or products delivered by HPE, we play a role in supporting your compliance efforts.
HPE Cybersecurity Services
Our experts will help you understand and address gaps in security, risk and compliance programs across your organization and remotely monitor, detect, and help resolve issues while identifying ways for continuous improvement against evolving threats.
Explore security, risk, and compliance services from HPE
Get security, risk, and compliance confidence
HPE Managed IT Compliance
Protect your business and close your with comprehensive security risk and compliance services from HPE Services.
Regulatory Compliance & Governance Office
For further information regarding our compliance program, please contact our Regulatory Compliance & Governance Office, via your sales contact or by using the contact form on our website
Compliance and certifications
HPE holds global ISO 27001 certification for more than 90 sites in 40 countries. Our compliance program also includes SOC 1 and SOC 2 attestation for a number of our customer support centers, TISAX certification for the automobile industry, FedRAMP for HPE Aruba Networking Central and CSA STAR assessments for our cloud management platforms.