Ensuring the privacy and confidentiality of data and that customer media is protected are strategic priorities at CenturyLink. That filters down into our chain of custody procedures when handling or transferring customer media and in our procedures for the sanitization and disposal of media. Here's a shocking observation from the National Institute of Standards and Technology (NIST) Special Publication 800-88, Rev.1 on a leading source of media vulnerability and what is needed to close the gap.

An often rich source of illicit information collection is either through dumpster diving for improperly disposed hard copy media, acquisition of improperly sanitized electronic media, or through keyboard and laboratory reconstruction of media sanitized in a manner not commensurate with the confidentiality of its information. Media flows in and out of organizational control through recycle bins in paper form, out to vendors for equipment repairs, and hot swapped into other systems in response to hardware or software failures. This potential vulnerability can be mitigated through proper understanding of where information is located, what that information is, and how to protect it.

Part 3 of the Data Center series highlights the safety measures in place for digital and non-digital media in a CenturyLink data center. We've limited...

Read on...

Creating and deploying applications is like a carefully choreographed dance. One that requires balancing business goals with expectation setting. This feat includes steps like writing groundbreaking code, solving timing restrictions, and overcoming the technical obstacles between all of the teams involved. Ensuring that the dependencies and timelines between the development and testing teams are in sync and align with the hosting company and their assigned help desk engineers can be a daunting task in itself, and it often creates a bottleneck in the process. Even though this dance can be repeated countless times, it’s usually this last step that is clumsy and always results in a different outcome. What if there was a more streamlined, succinct approach to creating and duplicating environments?

What Is Killing Your Deployment Timeline?

Often, the environments in which applications are developed, tested, and deployed compose one of the biggest variables that can impact an overall timeline. The elements of the environments are the same almost every time: a carefully constructed staging environment, which is a cleaner, more stable version of the development environment, both of which closely mimic QA and production environments. When the time comes for deploying to a live environment, unless the environments closely align,...

Read on...

Cyber attacks on major corporations generate big news headlines, especially when they are successful. Threats to a data center from heat, humidity, water, or smoke aren't as flashy in terms of media coverage. They are, nonetheless just as real and, potentially, just as devastating. That's why you need a full array of environmental protections in and around your data center.

Any data center provider will affirm that they're required; and that all built-in protections fly under the radar until you really need them. To illustrate the point, on January 9, 2015 several news agencies covered a 3-alarm fire at a data center in Ashburn, Virginia. The massive building was under construction. The conflagration apparently had started on the roof. Fortunately, there were no injuries and firefighters were able to extinguish the blaze after about an hour.

This is Part 2 in a 3 Part series highlighting different protections inside and around a CenturyLink data center. This time we focus on the environmental safeguards that protect the facility, personnel, the infrastructure, and your data. If you missed Part 1 in the series, Data Center: Physical Security, you can find that topic right here.

Data Center Locations

We carefully choose the location of a data center...

Read on...

Security is newsworthy. Recently, the IRS reported as many as 330,000 taxpayer accounts they believe were accessed by thieves. These security breaches often result in identity theft and the loss of critical corporate data, and can cost your company millions of dollars in unrecoverable expenses.

As a company, you need to be aware of IT security and your need to be protected, and you might be wondering where to start. This post is the first in a multi-part series about the various types of security products available and what they can do for you. These tools can be used to secure anything -- whether it's a home PC or laptop, an enterprise tech stack or even a hosted hybrid cloud solution. The same principles apply everywhere. Initially, we’ll begin with host-based security products.

Host-based security products are those that reside on or help to protect one host, server, or virtual machine. These host-based security products can be used at home or at work. The three fundamental types we’ll discuss here are Anti-Virus/Anti-Malware, firewalls and IDS/IDP.

Anti-Virus or Anti-Malware

Let’s start with Anti-Virus or Anti-Malware products. These products detect and protect against software viruses on your host. These harmful files get to your host through...

Read on...

"Data security starts with physical security." Natalie Lehrer underscored that point in her Information Week article called A Guide to Physical Security. She's right. Protection of company personnel, facilities, and data begins with physical security. It's a strategic priority at CenturyLink. The "rubber meets the road" in the management and operation of the facilities. Our data centers earn a M&O Stamp of Approval Certification from the Uptime Institute. Joel Stone is responsible for Global Data Center Operations at CenturyLink. Here's his take on the importance of a data center receiving M&O Certification:

"Earning the M&O certification demonstrates the effectiveness of a data center’s management and operations, giving customers “peace of mind” by ensuring the facility that houses their critical IT functions has passed a rigorous, third-party audit to conform its practices to the highest of standards."

This is Part 1 in a three part series covering various aspect of data center security. Part 2 will discuss environmental protections. Part 3 will cover media protections.

Security Policies

It starts at the top. Physical security at a data center is governed by CenturyLink Corporate Security. This group oversees the policies, processes, and work rules ensuring that all data centers operate under a consistent set of procedures...

Read on...

For several years now, the question around the shift to IPv6 has been "When?" NOT "If". As of September 24th 2015, the American Registry for Internet Numbers (ARIN) announced it had issued final IPv4 addresses and the free pool for IPv4 addresses had reached “zero.” The time to prepare for your businesses' IPv6 transition is now!

Why Now is the Time to Start Planning

While a majority of the world's devices today are not yet compatible with IPv6, dual-stack technology ensures that legacy IPv4 devices will still work for the foreseeable future. However, soon IPv6 will be the only option for adding new devices or hosts on the Internet. Understanding the background behind IPv4 and the benefits of IPv6 are the first steps in proactive planning.

IPv4

Computers use Internet Protocol (IP) to find one another and permit communication. IP Version 4 (IPv4) was developed in the early 1980s during a much simpler time in Internet evolution. At that time, 4 billion addresses seemed like a huge number! Since then, the number of computers attached to the Internet has multiplied many times over. Plus, our vehicles and many devices in our homes and pockets use network connections. With the growing trend toward the Internet of...

Read on...

Improving your business requires changing your business. When dealing with Migration, changes need to be researched per business case and methodically implemented. Stakeholders and leadership are always looking for opportunities rooted in IT and product improvements. Whether these improvements are driven by cost savings or the need for increased capacity, disaster recovery, proximity to customers, or IT/product agility, a diversified data center solution could provide the advantages you are looking for. Over half the market of Enterprise IT decision makers are in the same boat and are researching change that will include a hybrid IT solution by 2017.

To help outline the benefits you might achieve through migration, this article introduces:

• Four basic hosting options
• Hosting option characteristics
• Hosting option selection goals:
  • Converting capital to operating expenses
  • Offloading staff responsibilities
  • Specific operational goals

Data Center Options

The market has responded to customer needs by providing several layers of data center options, offering increased offloading of facility and infrastructure management. Although individual providers have different mixes of features to offer and different ideas about what services to offer at each level, we can divide the space into four general categories.

On-Premises

Company-owned data centers run the gamut of sophistication from a gear closet to a stand-alone data center with dedicated facilities management....

Read on...

People generally agree on what the term "Managed Services" means, right? Unfortunately, "Managed Services" is a bit more complicated than a surface-level term. It’s easy to roll a collection of services, products, and tasks under one broad umbrella statement and call it a day. However, the problem is most companies, product owners, IT managers, customers, and engineers have their own version of what a “Managed Service” actually is, as each one’s experiences are unique. Recently, pressure from consumers for clarity around the term and details of Managed Services necessitates exploration in the effort of yielding a more concise explanation.

Welcome to the CenturyLink Cloud, Managed Services.

Bringing Managed Services to the cloud is one of the many facets of the CenturyLink Platform offerings.

Managed Services on CenturyLink Cloud provides experts at the ready to maintain and administer your cloud deployments for optimum performance and value. CenturyLink Cloud provides businesses with the power to instantly create managed environments for their most important applications such as production websites, SQL databases, and directory services. Additionally, managed workloads can be scaled with the same speed and agility people have come to expect from the public cloud.

Brief History of Managed Services

Managed Services started with break-fix. Over time, procedures...

Read on...

Traditional IT Disaster Recovery (DR) is both expensive and brittle. Today, however, inexpensive and robust disaster protection is available to all organizations through the emergence of Disaster-Recovery-as-a-Service (DRaaS), such as that offered by CenturyLink Cloud. The DRaaS market is exploding. In their Global Forecast Report, the research firm MarketsandMarkets estimates that today the DRaaS markets is $1.42BN, and that by 2020 the DRaaS market will be $11.92BN.

Cloud has driven this growth along with new technologies that allow companies to leverage their existing data center while also using the Cloud for DR. Some customers have begun using the Cloud for both their production data center as well as their recovery data center. In both cases, companies have been able to leverage the cloud to meet GRC (Governance, Regulatory and Compliance) requirements.

Today, in a global economy that runs 24x7x365, it is critical to have a DR plan that can be modified and tested as required. Unfortunately, many times these tests fail for one reason or another (e.g., modification to applications that depend on other applications, undocumented processes, issues with encryption keys, etc.). Let’s take a look at six primary benefits of DRaaS:

Key Benefits

1. Cost Savings

• Compute (CPU and Memory) – cost incurred only

Read on...

What's so different about how CenturyLink Cloud approaches Customer Care? Well, just about everything.

I sat down with Michael Talbert, the mastermind behind all our Customer Care initiatives, to find out what makes this team so unique and so successful.

"We've approached the idea of supporting our customers from a whole new angle... It's about empathy, taking care of customers and solving problems. It's way more than just technical support."

Lyza Latham: Michael, tell me what’s the big difference in how CenturyLink Cloud approaches Customer Care?

Michael Talbert: One of the things that’s frustrating for customers, particularly technical customers, is having to explain a complex problem to someone who isn’t technical. The traditional industry approach to Technical Support is to initially have the customer speak with a generalist. If the generalist can’t solve the problem, the issue is escalated—sometimes in multiple, painful increments—to more and more technical tiers until eventually the problem is resolved. We take a totally unique approach, with three key differentiators:

• We staff our team with senior service engineers who can handle 90% of issues at the first contact.
• As long as the issue doesn’t require a code change, we should be able to resolve it within that first engagement.
• Our interview and screening process puts the emphasis

Read on...

The Terrace Rooftop at the Moonrise Hotel is about to be compromised — and then secured with CenturyLink Cloud encryption. Register and join us as we dive head-first into cloud security, compliance and encryption in a multi-tenant environment. Our partnership with Vormetric, a leader in data security solutions, has created an easily-deployable security solution that translates across platforms and environments and protects data wherever it is stored (even data that isn’t in our cloud). Our main goal is to provide a workshop—a place where people from different backgrounds and companies can come together to learn about security options.

This isn’t a run-of-the-mill presentation and speech; we expect you to earn your drinks and food (there will be plenty). Our Cloud engineers will provide you with a CenturyLink Cloud demo account and an educational license for Vormetric, and then it’s your turn to play (you’ll have to supply the laptop, of course). We will be there to walk you through every step, and we'll even have some cool prizes to hand out at the end of the session.

This workshop doesn’t require you to be a security expert in order to attend. We welcome all kinds of IT pros, novices and everyone in...

Read on...

Today, we are proud to highlight the success story of one of our biotech customers, Cytobank. Cytobank is a cloud biopharma service that supports research labs around the world. We spoke to Robin Lee Powell, Director of IT Operations at Cytobank who shared how they leverage Cloud Application Manager to save on infrastructure costs and increase team efficiency.

Cytobank helps researchers study life-threatening diseases such as cancer. Scientists around the globe rely on Cytobank to organize, share, and analyze single-cell cytometry data on a massive scale. Visualizing single-cell data involves loads of data transfer and often heavy computations between the client and the backend. On top of that, each customer site is completely isolated and unique from another. Cytobank not only serves customer labs but also provides demo, development and QA environments for their offshore team to test site changes.

All this complexity requires high capacity resources for many uniquely configured site environments. Since the requirements and resource demands of each site vary uniquely, live usage metrics helps determine when to scale resources up or down. To fulfill the unique demands of customer, demo, and QA site environments, Cytobank leverages Cloud Application Manager as an integrated platform.

Self-Service Catalog to Scale Efficiently

At Cytobank,...

Read on...