SÃO PAULO, Feb. 27, 2018 – Global communications and IT provider CenturyLink, Inc. (NYSE: CTL) received certifications for specific services at five of its data centers in Latin America, demonstrating adherence to strict information security policies for certain cloud services.
“These certifications are significant because they underscore the extensive measures CenturyLink has implemented to protect our customers’ personal, confidential data and information systems for particular services hosted in our cloud environment,” said Gabriel del Campo, vice president of data centers, security, and cloud for CenturyLink Latin America. “The certifications require a comprehensive effort to define the best strategy; adding new roles, functions, processes and procedures; and implementing technology improvements, including extra controls to safeguard our data center services environment.”
- The International ISO/IEC 27017: 2015 - Code of practice for information security controls for cloud services – Compliance Statement for the DEC, DEC 3 and Cloud Mail services provided in its data centers in Cotia and Rio de Janeiro, Brazil.
- Extended the scope of the earlier Advanced Security Testing services audit under ISO/IEC 27001:2013 – and finding the ISO standard’s requirements had been met for the Information Security Management System - covering the Advanced Security Testing services provided in its data centers in Curitiba, Brazil and Suba and Bogotá (Colombia XV), Colombia.
- The ISO/IEC 27001:2013 - Information Security Management System is the extension of the second ISO 27001 certificate for CenturyLink in Latin America, issued for São Paulo and Rio de Janeiro Data Centers in 2016; the first, was granted to Level 3 Argentina in 2013.
- Valid for a period of two years, the Compliance of the ISO/IEC 27017:2015 was approved after an extensive audit of data center processes and infrastructure, conducted by TÜV Rheinland, a provider of technical, safety and certification services, which evaluated various security controls applied to the DEC, DEC 3 and Cloud Mail services and infrastructure of those data centers.
- Some of the ISO 27017:2015 requirements implemented include:
- Monitoring of cloud services according to strict information security defined controls.
- Risk analysis, treatment and incident management, ensuring information security risks have been identified and addressed in order to eliminate or minimize damages in the event of an incident occurring.
- Network security management, to keep all physical and virtual networks consistent by implementing strict controls.
- CenturyLink operates more than 360 data centers worldwide, 17 of which are in Latin America, including three in Brazil and three in Colombia.
- CenturyLink’s data centers host both CenturyLink’s and customers’ IT environments, and are managed by an on-site team of specialized technicians.
- CenturyLink’s global data center footprint has direct connectivity to its more than 720,000 kilometers (450,000 miles) of fiber network and metro market reach, serving customers in more than 60 countries.
About ISO/IEC Certifications:
- ISO/IEC 27017:2015 Compliance: An internationally recognized standard setting forth security controls to help safeguard customers’ information and intellectual property assets, specifically for cloud services. It is aligned to ISO/IEC 27001:2013 controls and implements a set of additional specific cloud security controls.
ISO/IEC 27001:2013 Certification: An internationally recognized standard setting forth security controls to help safeguard customers’ information and intellectual property assets.
CenturyLink (NYSE: CTL) is the second largest U.S. communications provider to global enterprise customers. With customers in more than 60 countries and an intense focus on the customer experience, CenturyLink strives to be the world’s best networking company by solving customers’ increased demand for reliable and secure connections. The company also serves as its customers’ trusted partner, helping them manage increased network and IT complexity and providing managed network and cyber security solutions that help protect their business.
D. Nikki Wheeler
Latin America Media: