ISO/IEC 27018

The cloud offers organizations and consumers a variety of benefits: cost savings, flexibility and mobile access to information top the list. It also raises concerns about data protection and privacy; particularly around personally identifiable information (PII). PII includes any piece of information that can identify a specific user. The more obvious examples include names and contact details or your mother’s maiden name. But ones people may not readily think of are medical records, IP addresses and banking statements.

Used with ISO/IEC 27001, ISO/IEC 27018 has been published to allow Cloud Service Providers whose infrastructure is certified to the standard to tell their existing and potential customers that their data is safeguarded and won’t be used for any purposes for which they don’t specifically give consent.

• Inspires trust in your business – provides greater reassurance to your customers and stakeholders that personal data and information is protected.
• Competitive advantage – stand out from your competitors by protecting personal information to the highest level.
• Protects your brand protection – reduces the risk of adverse publicity due to data breaches.
• Reduces risks – ensures that risks are identified and controls are in place to manage or reduce them.
• Protects against fines – ensures that local regulations are complied with, reducing the risk of fines for data breaches.
• Helps grow your business – provides common guidelines across different countries, making it easier to do business globally and gain access as a preferred supplier.

Get a better understanding of the standard and how it helps Cloud Service Providers and their customers.