ISO/IEC 27018 Information technology

The cloud offers organizations and consumers a variety of benefits: cost savings, flexibility and mobile access to information top the list. It also raises concerns about data protection and privacy; particularly around personally identifiable information (PII). PII includes any piece of information that can identify a specific user. The more obvious examples include names and contact details or your mother’s maiden name. But ones people may not readily think of are medical records, IP addresses and banking statements.

Used with ISO/IEC 27001, ISO/IEC 27018 has been published to allow Cloud Service Providers whose infrastructure is certified to the standard to tell their existing and potential customers that their data is safeguarded and won’t be used for any purposes for which they don’t specifically give consent.

• Inspires trust in your business – provides greater reassurance to your customers and stakeholders that personal data and information is protected.
• Competitive advantage – stand out from your competitors by protecting personal information to the highest level.
• Protects your brand protection – reduces the risk of adverse publicity due to data breaches.
• Reduces risks – ensures that risks are identified and controls are in place to manage or reduce them.
• Protects against fines – ensures that local regulations are complied with, reducing the risk of fines for data breaches.
• Helps grow your business – provides common guidelines across different countries, making it easier to do business globally and gain access as a preferred supplier.

Get a better understanding of the standard and how it helps Cloud Service Providers and their customers.

We pioneered standards more than 100 years ago and today we’re the market leader. We help over 80,000 clients ranging from top global brands to small ambitious businesses in 172 countries to gain an edge over their competition. As one of the few organizations that understands standards from start to finish, we don’t only assess how well you’re meeting them, we create new standards from scratch and train teams globally to use them and perform better. Our knowledge can transform your organization.

Whether you're starting the certification process, looking to transfer or just need to discuss options for your business, contact our expert team who will guide you through the process.