CLOUD SECURITY FROM WINDSTREAM
Comprehensive confidentiality, integrity, and availability for networks of all sizes
Copyright 2015. All Rights Reserved.2
CLOUD SECURITY IS DIFFERENT
Decisions concerning the security of data in the cloud has shifted from the IT room to the boardroom, with 61% of companies indicating that executives are now involved in such decisions.Cloud Security Alliance, Cloud Security Alliance New Survey Finds Companies are in the Dark on Shadow IT Usage, January 9, 2015
Copyright 2015. All Rights Reserved.3
“While security of data remains a top barrier to cloud adoption, organizations are still moving forward in adopting cloud services, with 74% of respondents indicating they are either moving full steam ahead, or with caution…” Cloud Security Alliance, Cloud Security Alliance New Survey Finds Companies are in the Dark on Shadow IT Usage, January 9, 2015
SEEKING OUT THE CLOUD, BUT STILL WARY OF IT
WHEN YOU ENTRUST YOUR APPLICATIONS AND YOUR DATA TO A THIRD PARTY, YOU NEED TO KNOW THEY’RE SECURE—FROM IT TO THE BOARDROOM.
Copyright 2015. All Rights Reserved.4
WINDSTREAM CLOUD SECURITY – ENTERPRISE-READY
SMART Windstream is not just a Fortune 500 company. Windstream is the provider of choice for four out of five Fortune 500 companies for data, voice, network and cloud solutions.
COMPLIANTWindstream knows, and regularly meets, the evolving security needs of the enterprise—from retail to healthcare, to finance, and everything in between.
PERSONALWhether on your premise, or in our enterprise-class data centers, Windstream engineers work with you to provide solutions that are personalized to your individual security needs.
Copyright 2015. All Rights Reserved.5
SUPPORTING AND PROTECTING AT EVERY POINT
Preventing unauthorized access to your resources.
DATA PRIVACY
Protecting the data center with checkpoints, access mechanisms, and robust emergency procedures.
PHYSICAL SECURITY
Maintaining a secure network environment for data and other traffic.
NETWORKSECURITY
Copyright 2015. All Rights Reserved.6
SECURITY SUPREME AT THE DATA CENTER
Data resides in a secure WIN facility on secure servers
with 24x7 monitoring by NOC
24x7 staffed physical security
Biometric access control
Access to cages and cabinets
require an escort from security
personnelCameras digitally
record and retain all movement in and around the data
center
Fully compliant with SSAE-16, SOC 1 Type II, SOC 2 Type II, SOC 3,
PCI-DSS, HIPAA, HITECH AT101, NIST 800-53 and SAFE HARBORProximity plus
security code readers on all main entrance doors to the general facility
Copyright 2015. All Rights Reserved.7
AND AT EVERY OTHER JUNCTURE:
THE CIA TRIAD
The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security.
IT IS WINDSTREAM’S SECURITY FOUNDATION.
Techrepublic, “The CIA Triad” http://www.techrepublic.com/blog/it-security/the-cia-triad/
AVAILABILITY
CONFIDENTIALITY
INTEGRITY
The availability of information resources—that they’re there when you need them—from pieces of data to the communications infrastructure.
The trustworthiness of information sources—that data have not been changed inappropriately, whether deliberately or by accident. The concept also includes assurance that the data came from the source you think it came from—the source on which you’re relying.
Limiting information access and disclosure only to authorized users, and preventing access to unauthorized ones.
Copyright 2015. All Rights Reserved.8
Multi-Factor Authentication
Anti-Virus / Anti-Malware Service
Access Control Lists
CONFIDENTIALITY
Authentication to identify and limit users, including user IDs and passwords
Protections against malware, spyware, spam and phishing attacks
Limiting access to individuals’ personal information, including policies mapped to help you meet and exceed regulatory requirements
Windstream security tools to meet confidentiality requirements include:
Methods of assuring confidentiality include:
Copyright 2015. All Rights Reserved.9
INTEGRITY
To help maintain the integrity of your data—to preserve without corruption whatever was transmitted or entered into the system, right or wrong, Windstream employs:
• Intrusion Detection Systems (IDS)• Log Monitoring• Vulnerability Scanning• DDoS Protection• Web Application Firewall• Managed Firewall• Data Encryption
Copyright 2015. All Rights Reserved.10
AVAILABILITY
Data availability can be affected by a malfunctioning computer or device, malicious intrusion, natural phenomena like wind or water, or human causes, accidental or deliberate.
All Windstream security policies and procedures, from the network to the managed service contribute to data availability, protecting you to the level you require from:
• Physical or virtual server failure• Physical harm to, or natural disaster
impacting the data center• Malware, DDoS, or other malicious attack• Unauthorized access to data
Additional tools enabling data availability include:• Managed Firewall• Managed Anti-Virus / Anti-Malware• Global Load Balancing
Copyright 2015. All Rights Reserved.11
A COMPLETE SECURITY PORTFOLIO
Backed by policies and procedures that adhere to the CIA security policies model, Windstream custom delivers security solutions designed to meet your individual business needs, including:
Business Continuity
Managed Remote Backup
DRaaS
Wireless3G/4G Backup
IaaS
RedundantCircuitry
Managed Storage/Security
Managed Firewall Operating System Hardening
Intrusion Detection DDoS Mitigation
Log Management Web Application Firewall
Threat Management Vulnerability Scanning
Monitoring VPN Services
Multi-factor Authentication Physical Data Center Security
Anti-virus / Anti-Malware Services
Email Security
Global Load Balancing
Copyright 2015. All Rights Reserved.12
The highest security, customized for your network, your data, and your businessWINDSTREAM CLOUD SECURITY