MTCS
MTCS is based on ISO 27001/02 Information Security Management System standards. The certification was prepared by the Multi-Tiered Cloud Security Working Group of the Cloud Computing Standards Coordinating Task Force. It was overseen by the Information Technology Standards Committee (ITSC).
Why do you need to adopt Multi-Tier Cloud Security?
The Multi-Tier Cloud Security (MTCS) is the pioneering security standard globally that entails cloud security at several layers. The MTCS standard encourages adoption of cloud computing through the spectrum of various industries by providing detailed security service levels of Cloud Service Providers. Level 1 being the base and Level 3 being the most stringent, it is designed for companies with regulatory compliance requirements that addresses security risks to high impact IT systems using cloud services.
With the controls already in place, there might be few Industry specific regulations applied to supplement and address security risks and threats in high impact information systems using cloud services.
MTCS has a self-disclosure requirement, which means that providers are obliged to report on data retention, data sovereignty, data portability, liability, availability, business continuity, disaster recovery and incident management.
Is Tata Communications MTCS certified?
Tata Communications has achieved the Level 3 MTCS certification, ensuring the highest possible level of security for enterprises moving data to the cloud in Singapore, supporting the provision of Tata Communications Vayu Cloud Platform Services and VPDC cloud services using Infrastructure as a Service (IaaS) model.
| Cloud Governance | Information security management Human resources Risk management Third party Legal and compliance Incident management Data governance |
| Cloud Infrastructure security | Audit logging and monitoring Secure configuration Security testing and monitoring System acquisition and development Encryption |
| Cloud operations management | Physical and environment security Operations Change management Business continuity planning and disaster recovery |
| Cloud info security | Cloud services administration Cloud user access Tenancy and customer isolation |
| Tata Communications Vayu Cloud | In-Scope services |
| Compute | Cloud services, Virtual Services, Auto Scaling |
| Network | VPN Gateway, Load balancer, switches, router, WAF, Firewall, NFV |
| Storage/Backup | Block, File and ICS (Object) backup Scheduled data backup and data restoration |
| Database | Managed Oracle, MS-SQL, DB2 or MySQL database administration |
| Middleware | Managed Middleware service is offered on applications including JBOSS; TOMCAT; Apache Application maintenance |
| Hypervisor | VMware, Hyper-V and KVM |
| Load balancer | Static, Dynamic, Persistence : NFV-Virtual Appliance, Physical Appliance |
| Security | SIEM, DDoS detection & mitigation, firewall monitoring & management, WAF, UTM and network based vUTM – SIGS, Managed and monitoring IDS/IPS, OAuth |
ABOUT MTCS
Cloud security requires additional or enhanced controls to be implemented to address new or elevated risks associated with outsourcing IT services to cloud.
Other certifications
We offer a wealth of experience and a wide portfolio of products designed to help your business grow. Discover more exciting opportunities and create a truly bespoke solution.
Frequently asked questions
What is MTCS certification?
MTCS Compliance refers to the Multi-Tier Cloud Security standard, a security framework built on ISO 27001/02. It defines three security tiers for cloud service providers, with Level 3 being the most stringent. MTCS helps organisations understand the security posture of cloud platforms and ensures providers meet robust, industry-aligned cloud security controls.
Is MTCS similar to ISO 27001?
MTCS builds on ISO 27001 but goes further by offering cloud-specific, tiered security requirements. While ISO 27001 covers general information security management, MTCS Compliance adds cloud-focused controls such as data sovereignty, tenancy isolation, security testing, and cloud operations standards, offering greater depth for high-impact cloud environments.
What is MTCS Level 3 certification and why is it important for cloud services?
MTCS Level 3 is the highest tier of MTCS Compliance, designed for organisations with strict regulatory and security needs. It ensures the cloud provider meets advanced requirements for governance, risk management, data protection, encryption, and resilience. This level is essential for industries where data sensitivity and operational integrity are critical.
How does Tata Communications’ Vayu Cloud platform ensure MTCS-certified security and compliance?
Tata Communications’ Vayu Cloud platform achieves MTCS Compliance through Level 3 certification, implementing strong controls across governance, audit logging, secure configuration, encryption, access management, and disaster recovery. These measures ensure high-security standards for Singapore-based workloads and regulated industries requiring advanced cloud protection.
How can organisations ensure their cloud services comply with MTCS standards?
Organisations can ensure MTCS Compliance by choosing cloud providers certified under MTCS, reviewing their security controls, and verifying adherence to data retention, sovereignty, DR, and operational requirements. They should also assess shared responsibility models, enforce strong governance, and continuously monitor security practices to stay aligned with MTCS guidelines.
How does Multi-Tier Cloud Security (MTCS) ensure data protection in cloud infrastructure?
MTCS enhances data protection by applying tiered controls covering identity security, encryption, incident response, monitoring, virtualisation security, and business continuity. Through MTCS Compliance, cloud providers must disclose and implement strong safeguards across governance, infrastructure, and operations, ensuring data is secure, traceable, and protected against cloud-specific risks.
What benefits do enterprises gain from using Tata Communications’ MTCS-compliant cloud services?
Enterprises gain higher trust, improved security, regulatory readiness, and stronger risk management with Tata Communications’ MTCS Compliance. Level 3 certification ensures advanced protection for mission-critical workloads, secure isolation for multi-tenant environments, and robust operational controls, allowing organisations to adopt cloud confidently and securely.
What’s next?
Experience our solutions
Engage with interactive demos, insightful surveys, and calculators to uncover how our solutions fit your needs.
Exclusively for You
Stay updated on our Cloud Fabric and other platforms and solutions.
Disclaimer: IZO™ Cloud is now Tata Communications Vayu Cloud. TATA COMMUNICATIONS VAYU branded services are available in India only.