ISO/IEC 27001:2013 is an international standard for the Information Security Management System (ISMS) best practices that provides a general overview of what should be conducted by an organization or enterprise in an effort to implement the concept of information security. This specifies the requirements for establishing, implementing, operating, monitoring and continually improving ISMS for any entity irrespective of its size.
The standard regulates some of ISMS implementation process as follows:
Description | No. of Controls |
Context of the organization | 8 |
Leadership | 19 |
Planning | 39 |
Support | 28 |
Operation | 9 |
Performance evaluation | 29 |
Improvement | 16 |
Total Management Controls | 148 |
Management direction for information security | 2 |
Organization of information security | 7 |
Human resource security | 6 |
Asset Management | 10 |
Access control | 13 |
Cryptography | 2 |
Physical and environmental security | 15 |
Operation Security | 14 |
Communications Security | 7 |
System acquisition, development and maintenance | 13 |
Supplier relationships | 5 |
Information security incident management | 7 |
Information security aspects of business continuity management | 4 |
Compliance | 8 |
Total Operational Controls | 113 |
Total Control Points | 261 |
Tata Communications has achieved ISO/IEC 27001: 2013 certification of Information Security Management System (ISMS) covering our infrastructure, data centres, and services. These standards will be valuable to customers, who can now benefit from enhanced quality and information security standards.
Information Security Management System for service delivery and support operation of:
Managed Hosting Services | In-Scope services |
Operating System | Microsoft windows, RHEL, OEL, Solaris, IBM‐AIX, SUSE Linux, Debian Linux, Ubuntu Linux, Cent OS, Fedora |
Network | VPN Gateway, Load balancer, switches, router |
Storage/ Backup | Shared and dedicated models, SAN, NAS and FC /iSCSI |
Database | Oracle, MS-SQL, DB2 or MySQL database administration |
Middleware | Middleware service is offered on applications including JBOSS; TOMCAT; Apache; WebLogic; WebSphere |
Load Balancer | Static, Dynamic, Persistent: Radware, Citrix, SLB and GSLB, mSLB and mSLB with SSL off‐load |
Security | SIEM, DDoS detection & mitigation, firewall monitoring & management, WAF, UTM and network based vUTM – SIGS, Managed and monitoring IDS/IPS, OAuth |
IZO Private Cloud | In-Scope services |
Compute | Cloud services, Virtual Services, Auto Scaling |
Network | VPN Gateway, Load balancer, switches, router, WAF, Firewall, NFV |
Storage/Backup | Block, File and ICS (Object) backup Scheduled data backup and data restoration |
Database | Managed Oracle, MS-SQL, DB2 or MySQL database administration |
Middleware | Managed Middleware service is offered on
applications including JBOSS; TOMCAT; Apache Application maintenance |
Hypervisor | VMware, Hyper-V and KVM |
Load balancer | Static, Dynamic, Persistence : NFV-Virtual Appliance, Physical Appliance |
Security | SIEM, DDoS detection & mitigation, firewall monitoring & management, WAF, UTM and network based vUTM – SIGS, Managed and monitoring IDS/IPS, OAuth |
Contact us to learn how we can help you unleash collaboration, creativity, and commercial innovation.