Channel Partner Program
Flexible solutions for your prospects and customers
Medium and Enterprise Business
Enterprise-grade solutions for organizations with more than 20 employees
Public Sector
Designed to support higher education, government agencies, and the communities they serve
Wholesale
Products and services purchased for resale
Small Business
Products and services for businesses with fewer than 20 employees
About Brightspeed Business
We’re on a mission to bring more connectivity to America—learn more about our story
Business newsletter
Read the latest edition of our Business Connect newsletter or sign up to stay informed on products, events, and more
Events Calendar
Come meet the Brightspeed Business team at one of these upcoming industry tradeshows or local events.
Newsroom
Read the latest press releases and learn about all the great things that have Brightspeed in the news
Careers
See what positions are available at Brightspeed and join the team that’s making a difference
Contact us

Business Solutions
Channel Partner Program
Flexible solutions for your prospects and customers
Medium and Enterprise Business
Enterprise-grade solutions for organizations with more than 20 employees
Public Sector
Designed to support higher education, government agencies, and the communities they serve
Wholesale
Products and services purchased for resale
Small Business
Products and services for businesses with fewer than 20 employees
About
About Brightspeed Business
We’re on a mission to bring more connectivity to America—learn more about our story
Business newsletter
Read the latest edition of our Business Connect newsletter or sign up to stay informed on products, events, and more
Events Calendar
Come meet the Brightspeed Business team at one of these upcoming industry tradeshows or local events.
Newsroom
Read the latest press releases and learn about all the great things that have Brightspeed in the news
Careers
See what positions are available at Brightspeed and join the team that’s making a difference
Contact us
Home Solutions

     Legal Resources    Trust and Safety    Security and Compliance

 

Security and Compliance

Brightspeed is committed to continuously striving to implement world-class security and risk management programs to protect our brand, people, shareholders and data, and to enable solutions by maintaining security processes and industry accepted standards, regulations and certifications that protect our customers, products and data. We are a trusted partner and advisor with a risk-based focus to support business growth while consistently exceeding our customer needs and expectations.

Compliant Products and Services

Brightspeed maintains a suite of the latest industry standards that ensures compliance and security are built into all of the products and services Brightspeed has to offer. Brightspeed trains and provides core security awareness that encourages our employees to recognize and defend against any Brightspeed cybersecurity risks.

Operational Security

By implementing operational best security practices, administrative security, framework, risk management and knowledge management practices, Brightspeed has developed an effective overall cybersecurity program for security, privacy and compliance. Brightspeed focuses on all aspects of security operations automation, vendor risk management, remote workforce risk management and an insider threat program. Brightspeed is committed to ensuring business resiliency and survivability during an incident or business disruption. Our Corporate Business Continuity Management program supports an environment of prevention, collaboration, communication, response and recovery, ultimately ensuring our ability to serve customers, shareholders and employees in the face of disruptive events.

Compliance and Audit

Brightspeed knows that maintaining proper security and compliance programs is critical to supporting and protecting our customers’ data and meeting their compliance requirements. We partner with external auditors to perform an assortment of annual assessments that meet industry and regulatory requirements. Brightspeed provides our customers with confidence in our security through attestations and certifications that meet stringent security and regulatory requirements.

Vulnerability Disclosure Program

Brightspeed greatly appreciates you informing us about security issues you discover. We take vulnerability disclosures very seriously and have an official Vulnerability Disclosure Program managed by HackerOne. We work with security researchers in good faith to secure Brightspeed’s systems. Because Brightspeed is an ISP and cloud provider, it can be difficult to distinguish between Brightspeed owned addresses and our millions of public IP addresses that we have allocated to customers. Though we develop and maintain other internet-accessible systems and services, we ask that active research and testing only be conducted on Brightspeed systems (including those of its affiliate companies such as CenturyLink and Quantum Fiber).

We ask the following of you when conducting vulnerability research and submitting vulnerabilities to Brightspeed:

  • To submit a report, please visit: https://hackerone.com/brightspeed?type=team
  • Report identified vulnerabilities to us immediately, as timely identification of security vulnerabilities is critical to mitigating potential risks
  • Cooperate with us while we review the submission to determine if the finding is valid and has not been previously reported
  • Include as much of the below information as possible to help us better understand the nature and scope of the reported issue:
    • Details necessary to identify the impacted system
    • Type and/or class of vulnerability
    • Step-by-step instructions to reproduce the vulnerability
    • Proof-of-concept or exploit code
    • Potential impact of the vulnerability
  • Refrain from disclosing the identified vulnerability to anyone else for a reasonable period of time so that we may conduct validation and implement associated remedies for the vulnerability

Do not engage in any of the following activities:

  • Accessing, downloading, or modifying data residing in any system or account that does not belong to you
  • Executing or attempting to execute any “Denial of Service” attack
  • Executing or attempting to execute any social engineering attacks
  • Posting, transmitting, uploading, linking to, sending or storing any malicious software
  • Testing in a manner that would result in the sending unsolicited or unauthorized junk mail, spam, pyramid schemes or other forms of unsolicited messages
  • Testing in a manner that would damage or degrade the operation of any Brightspeed systems
  • Testing third-party applications, websites or services that integrate with or link to Brightspeed systems
  • Testing that may violate any applicable law or impact the security or integrity of any personal or confidential information

This Policy and the Vulnerability Disclosure Program administered by HackerOne is subject to change or cancellation at any time without notice. This Policy is for informational purposes only and it does not create any binding obligation on Brightspeed or any legal relationship between Brightspeed and anyone who submits a vulnerability.

Please read the details of our VDP program on https://hackerone.com/brightspeed?type=team.

© 2024 Connect Holding LLC. All rights reserved.