2. CLOUD SECURITY IS DIFFERENT
Copyright 2015. All Rights Reserved.2
Decisions concerning the security of data
in the cloud has shifted from the IT room
to the boardroom, with 61% of companies
indicating that executives are now
involved in such decisions.
Cloud Security Alliance, Cloud Security Alliance New Survey Finds Companies
are in the Dark on Shadow IT Usage, January 9, 2015
3. Copyright 2015. All Rights Reserved.3
“While security of data remains a top barrier to
cloud adoption, organizations are still moving
forward in adopting cloud services, with 74% of
respondents indicating they are either moving full
steam ahead, or with caution…”
Cloud Security Alliance, Cloud Security Alliance New Survey Finds
Companies are in the Dark on Shadow IT Usage, January 9, 2015
SEEKING OUT THE CLOUD, BUT STILL WARY OF IT
WHEN YOU ENTRUST YOUR APPLICATIONS AND YOUR DATA
TO A THIRD PARTY, YOU NEED TO KNOW THEY’RE SECURE—
FROM IT TO THE BOARDROOM.
4. WINDSTREAM CLOUD SECURITY –
ENTERPRISE-READY
Copyright 2015. All Rights Reserved.4
SMART
Windstream is not just a Fortune
500 company. Windstream is the
provider of choice for four out
of five Fortune 500 companies
for data, voice, network and cloud
solutions.
COMPLIANT
Windstream knows, and
regularly meets, the evolving
security needs of the
enterprise—from retail to
healthcare, to finance, and
everything in between.
PERSONAL
Whether on your premise, or in
our enterprise-class data centers,
Windstream engineers work
with you to provide solutions
that are personalized to your
individual security needs.
5. SUPPORTING AND PROTECTING AT EVERY POINT
Copyright 2015. All Rights Reserved.5
Preventing unauthorized
access to your resources.
DATA
PRIVACY
Protecting the data center with checkpoints, access
mechanisms, and robust emergency procedures.
PHYSICAL
SECURITY
Maintaining a secure network environment
for data and other traffic.
NETWORK
SECURITY
6. SECURITY SUPREME AT THE DATA CENTER
Copyright 2015. All Rights Reserved.6
Data resides in a
secure WIN facility
on secure servers
with 24x7
monitoring by NOC
24x7 staffed
physical security
Biometric access
control
Access to cages
and cabinets
require an escort
from security
personnel
Cameras digitally
record and retain all
movement in and
around the data
center
Fully compliant with
SSAE-16, SOC 1
Type II, SOC 2
Type II, SOC 3,
PCI-DSS, HIPAA,
HITECH AT101,
NIST 800-53 and
SAFE HARBOR
Proximity plus
security code
readers on all main
entrance doors to
the general facility
7. AND AT EVERY OTHER JUNCTURE:
THE CIA TRIAD
Copyright 2015. All Rights Reserved.7
The CIA Triad is a venerable,
well-known model for security
policy development, used
to identify problem areas and
necessary solutions for
information security.
IT IS WINDSTREAM’S
SECURITY FOUNDATION.
Techrepublic, “The CIA Triad” http://www.techrepublic.com/blog/it-security/the-cia-triad/
AVAILABILITY
CONFIDENTIALITY
INTEGRITY
The availability of information resources—that
they’re there when you need them—from
pieces of data to the communications
infrastructure.
The trustworthiness of information sources—that data have not been changed
inappropriately, whether deliberately or by accident. The concept also includes
assurance that the data came from the source you think it came from—the source
on which you’re relying.
Limiting information access and disclosure only to authorized
users, and preventing access to unauthorized ones.
8. Multi-Factor Authentication
Anti-Virus / Anti-Malware Service
Access Control Lists
CONFIDENTIALITY
Copyright 2015. All Rights Reserved.8
Authentication to identify and limit users,
including user IDs and passwords
Protections against malware, spyware,
spam and phishing attacks
Limiting access to individuals’ personal information,
including policies mapped to help you meet
and exceed regulatory requirements
Windstream security tools
to meet confidentiality
requirements include:
Methods of assuring
confidentiality include:
9. INTEGRITY
Copyright 2015. All Rights Reserved.9
To help maintain the integrity
of your data—to preserve
without corruption whatever
was transmitted or entered
into the system, right or
wrong, Windstream employs:
• Intrusion Detection Systems (IDS)
• Log Monitoring
• Vulnerability Scanning
• DDoS Protection
• Web Application Firewall
• Managed Firewall
• Data Encryption
10. AVAILABILITY
Copyright 2015. All Rights Reserved.10
Data availability can be
affected by a
malfunctioning computer
or device, malicious
intrusion, natural
phenomena like wind
or water, or human
causes, accidental or
deliberate.
All Windstream security policies and procedures,
from the network to the managed service
contribute to data availability, protecting you
to the level you require from:
• Physical or virtual server failure
• Physical harm to, or natural disaster
impacting the data center
• Malware, DDoS, or other malicious attack
• Unauthorized access to data
Additional tools enabling data availability include:
• Managed Firewall
• Managed Anti-Virus / Anti-Malware
• Global Load Balancing
11. A COMPLETE
SECURITY PORTFOLIO
Copyright 2015. All Rights Reserved.11
Backed by policies and
procedures that adhere to the
CIA security policies model,
Windstream custom delivers
security solutions designed to
meet your individual business
needs, including:
Business
Continuity
Managed
Remote Backup
DRaaS
Wireless
3G/4G Backup
IaaS
Redundant
Circuitry
Managed
Storage/Security
Managed Firewall Operating System Hardening
Intrusion Detection DDoS Mitigation
Log Management Web Application Firewall
Threat Management Vulnerability Scanning
Monitoring VPN Services
Multi-factor Authentication Physical Data Center Security
Anti-virus / Anti-Malware
Services
Email Security
Global Load Balancing
12. Copyright 2015. All Rights Reserved.12
The highest security, customized for your
network, your data, and your business
WINDSTREAM CLOUD SECURITY