Ir al contenido principal
Ver todos los productos
Calcular
Almacenamiento
Bases de datos
Servicios
Conexión
Herramientas para desarrolladores
Distribución
Seguridad
Sectores
Precios
Comunidad
Habla con nosotros
Esta página se presenta intencionadamente en inglés.

Security

We are committed to the security of our infrastructure and our users' data. Every component of our infrastructure has been designed to give you the foundation to build secure systems and applications to meet your needs.

Shared Security Model

Security is up to all of us.

Security is a shared responsibility at Linode, now Akamai. We control the physical hosts up to the hypervisor and can offer a high level of physical and environmental security with both our compute and storage offerings. You're responsible for making sure your Linode’s installed applications and code are securely configured and patched. By following best practices, you can build environments to meet the exacting standards required by HIPAA, PCI-DSS, GDPR, and your customers.

Vulnerability Management

Find, fix, repeat.

Linode is constantly scanning our networks and systems supporting your Linodes to ensure that systems under our control are configured correctly and are up-to-date with patches. Here's what we currently do to protect the infrastructure:

  • Linode has partnered with HackerOne to operate a bug bounty and disclosure program. We happily pay security researchers who find and document vulnerabilities in our applications.
  • We scan the hosts that support our Linodes for security vulnerabilities regularly.
  • We perform penetration tests on the hosts that support our Linodes on an annual basis.
  • We perform regular application testing on the applications that you use to start and configure your Linodes.

Please report any security vulnerabilities via our disclosure program, which outlines how you can contact our security team.

Physical Security and Networking

Keeping our systems safe and the lights on is a full-time job. Here's how we do it:

Each of our data centers has extensive physical, environmental, and network capabilities in place:

  • Access to the data center floor is restricted to data center employees and authorized visitors.
  • Data Centers are staffed 24/7/365 with security guards and technicians.
  • All employees and visitors are identified using biometrics and state issued Ids before entering the facility.
  • HVAC and power have redundant systems, so if one goes out, the others keep our systems powered and within operating temperature.
  • All of Linode's systems are segregated from other tenants by locking cabinets. Only datacenter staff assigned to supporting Linode systems have access to the keys.
  • Multiple Internet carriers using independent fiber connections to the data center floor.
  • Our networks within the data centers have redundant routers, switches, and service providers. Multiple systems can fail without affecting downtime or performance.

Certifications

Akamai's cloud computing services (Linode) are certified for ISO 27001, ISO 27701, ISO 27017, and ISO 27018, SOC2 Type 1, and HIPAA. The data centers listed below have the following certifications:

Atlanta

  • SOC 1 Type 2
  • SOC 2 Type 2
  • HIPAA
  • PCI DSS

Dallas

  • SOC 2 Type 2
  • SOC 3

Frankfurt

  • ISO/IEC 27001:2013
  • PCI DSS

Fremont

  • SOC 2 Type 2

London

  • ISO 14001:2015
  • ISO 22301:2012
  • ISO/IEC 27001:2013
  • ISO 50001:2011
  • ISO 9001:2015
  • OHSAS 18001:2007
  • PCI DSS
  • SOC 1
  • SOC 2 Type 2

Mumbai

  • ISO 27001
  • ISO 9001

Newark

  • SOC 1 Type 2
  • SOC 2 Type 2
  • HIPAA/HITECH Type 1
  • PCI DSS

Singapore

  • ISO/IEC 27001:2013
  • PCI DSS

Sydney

  • SOC 1 Type 2
  • SOC 2 Type 2
  • PCI DSS
  • ISO/IEC 27001:2013

Tokyo

  • SOC 1 Type 2
  • ISO/IEC 27001:2013

Toronto

  • ISO 27001
  • SOC 1
  • SOC 2
  • PCI DSS v3.s
  • NIST 800-53

Compliance

Linode’s compliance information can be found here.

Recommendations

Linode recommends that you perform basic hardening on your Linodes.

For some guidance on how to harden your systems, start here:

For more advanced security guidance, we recommend following an industry accepted hardening standard. The two most accepted are the Center for Internet Security Benchmarks and the Defense Information Systems Agency's Security Technical Implementation Guides (DISA STIG).

Both the CIS Benchmarks and DISA STIGs include hardening guidance on operating systems and common applications. Following these guidelines go far to reduce the risk of compromise of your systems and infrastructure.