Shared Security on the Cloud

CenturyLink operates on a "Shared Responsibility" model for security. The shared responsibility model delineates CenturyLink's obligation to secure the underlying infrastructure as well as the customers' obligation to secure their own virtual servers, applications, and systems with tools that we and our partners provide. We commit to security roles and responsibilities that are within our ability to manage, while the client commits to security areas that are within the client's control.

Infrastructure as a Service (IaaS) Security

The figure below shows a simplified diagram of IaaS security responsibility sharing between CenturyLink and the client. At a high level, CenturyLink is responsible for security of the cloud infrastructure, including the data center and network, and basic services of compute and storage. The client is responsible for what it controls and lays on top of the infrastructure, such as the application software and data. The level of responsibility depends to some degree on the type of service in use.

CenturyLink IaaS Cloud Security Shared Responsibility Approach

Hybrid IT Approach to Security

CenturyLink works with its customers to address their specific compliance needs by leveraging a unified responsibility security model depending on which services the client is requiring CenturyLink to manage. As a recognized leader in Hybrid IT environments, CenturyLink has the real-world experience to determine the right mix of technology to meet your specific business needs, workloads and end-user expectations. We rely on a whole array of “building blocks” with built-in compliance certifications to meet most universally-accepted security frameworks and standards.

CenturyLink identifies and delivers the right blend of IT services, all from a single capable and reliable provider.

  • Integrated and optimized solutions from multiple IT infrastructure models aligning technology capabilities with the needs of business
  • Combining the best of your traditional IT with additional capabilities that your IT may not be able to deliver on its own
  • Choose from individual offerings, co-managed, or fully-managed solutions based on your business priorities
  • All designed to meet your regulatory requirements from FISMA to HIPAA to PCI

CenturyLink delivers secure Hybrid IT solutions.

Compliance and security is obviously a top-level consideration whenever considering a move to a hybrid IT model. Security concerns have long been a factor preventing companies from either experimenting with or fully embracing a cloud environment. Organizations are rapidly assessing the gaps in their current security policies vs. the requirements necessary to meet the rigors of compliant standards. For its customers to become or remain aligned with relevant compliant certifications and security frameworks, CenturyLink possesses the necessary third party generated certifications required.


Related Products

Cloud Services

Hybrid-ready public cloud provides the agility, scalability and security expected from an enterprise-class cloud, backed by an industry leading global network.

Managed Services

Experts at the ready to maintain and administer your cloud deployments. Rapid provisioning, hourly billing, and highly automated.

Managed Security

A full complement of threat prevention, threat management, incident response and analysis services to support your hosted or on-premise enterprise security environments.

Managed Hosting

Maintain complex IT infrastructure and applications with our comprehensive portfolio of managed hosting services including, fully manage networks, servers, storage, operating systems, and security.

Managed Storage & Backups

Gives a range of storage options including data replication and back up/archiving. CenturyLink solutions are secure, affordable and can provide data resilience with up to 5 nines.