SECURITY AND COMPLIANCE
See what networking services are in your area
View our high-level approaches to solving business and technology challenges
Learn how peers in your area are working with CenturyLink
Hybrid IT and Cloud
Voice and Unified Communications
Managed and IT Services
Get support, access resources, and explore products and services at centurylink.com.
CenturyLink achieves PCI compliance for your data through strict adherence to required guidelines, policies and procedures, including multiple firewalls as well as encryption and key management.
PCI is the security certification that applies to any organizations & merchants that accepts, transmits or stores any credit cardholder data. If any customer of an organization ever pays the merchant directly using a credit or debit card, then the PCI DSS requirements apply.
CenturyLink has PCI DSS compliant solutions and is a listed service provider on the VISA PCI Compliance Directory. We've obtained the following passing Reports On Compliance (ROC):
Data Center Services
Physical and administrative security controls in the majority of CenturyLink branded data centers
Managed Firewalls and NIDS Services
Cisco ASA and Check Point firewalls and Network Intrusion Detection Systems (NIDS)
In addition to delivering PCI compliant solutions, CenturyLink developed a detailed matrix of PCI controls for organizations with broader PCI requirements, customizable for each solution specifying the responsible party for each PCI control. In addition, it is appended to a PCI Addendum which defines CenturyLink's commitment with respect to the matrix.
Dedicated managed firewall service with intrusion detection & prevention
Dedicated managed web application firewall
Vormetric encryption and key management
Managed VPN with two-factor authentication
Managed threat management security scanning and penetration testing
Managed intrusion detection & prevention (IDS/IPS)
The CenturyLink Products and Services illustrated in this document are guidelines for implementing a PCI compliant solution using Dedicated Cloud. Attaining overall PCI compliance remains the responsibility of the Customer.
CenturyLink achieves HIPAA compliance for your data through strict adherence to required guidelines, policies and procedures. These efforts include multiple firewalls and non-ePHI VMs as well as encryption and key management.
CenturyLink Active-Active Disaster Recovery (DR) solutions offer the highest level of resiliency for mission-critical environments that require the lowest Recovery Time Objectives (RTOs). CenturyLink DR solutions are customizable to business needs from a broad portfolio of network, colocation, hosting, cloud security and IT services (design, deploy, test) offerings.
Comprehensive managed hosting services and eCommerce expertise to ensure the resiliency, uptime and integration of your end-to-end digital customer experience ecosystem, including web servers, eCommerce and WCM applications, order and fulfillment systems, network connectivity and databases.