Microsoft assures cloud data protection with ISO/IEC 27018 certification

Microsoft has become the first major cloud provider to adopt the world’s first international standard for cloud privacy, ISO/IEC 27018 in an effort to assure customers and the public of the privacy and security of their data in Microsoft’s cloud.The International Organisation for Standardisation (ISO) and International Electrotechnical Commission (IEC) jointly adopted the standard in July 2014, to establish a uniform, international approach to protection and privacy of personal data stored in the cloud.

In February 2015, Microsoft adopted this standard, which demonstrates the depth of the devices and technology giant’s commitment to the protection and security of customers’ data in the cloud and its continuing leadership in the cloud space. “Microsoft cloud will empower customers of all sizes to do more, be more, achieve more in their digital work and life and still be fully in control of their data and how they are used at all times,’’ said Ijeoma Abazie, director corporate affairs, Microsoft Nigeria, while speaking at a media parley.

She said Microsoft’s ISO 27018 Certification and adherence to the standard was important, given all the benefits to customers in guaranteeing the privacy and security of their data which gives them peace of mind and enables customers focus on their businesses.

Given recent government surveillance practices and following the US National Security Adviser (NSA) Snowden leakages, there have been growing concerns regarding the security of data stored online and in the cloud. “For over 10 years Microsoft has remained committed to providing strong privacy and security protections for its customers’ data.

Undertaking the audit culminating in receipt of the ISO 27018 certification affirms its unrelenting and longstanding commitment to the privacy and security of customers’ data in the cloud,” she said. ISO 27018 builds on ISO/ IEC 27001 (ISO 27001). ISO 27001 is a widely-recognised comprehensive international security standard for implementing and maintaining an information management system.

ISO 27018 enhances ISO 27001 as the former is customised for the cloud and includes a range of cloud- specific requirements and controls specifically for processing personally identifiable information (PII) in cloud services.

Microsoft’s adherence to ISO 27018 assures its enterprise customers that the privacy of their data will be protected and are assured of being fully in control of the use of their data in the cloud as Microsoft processes their personally identifiable information only as they instruct Microsoft.