Microsoft adopt world’s first international standard for cloud privacy.

February 18th 2015

Source: Eleanor Burns: 

Marking a major cloud milestone, Microsoft has announced that it will adopt the world's first international standard for cloud privacy - the first major cloud provider to do so.

The standard, known as ISO/IEC 27018, was developed by the International Organization for Standardization (ISO) to establish a uniform, international approach to protecting privacy for personal data stored in the cloud.

The British Standards Institute (BSI) has now independently verified that in addition to Microsoft Azure, both Office 365 and Dynamics CRM Online are aligned with the standard's code of practice for the protection of Personally Identifiable Information (PII) in the public cloud.

Bureau Veritas has also done the same for Microsoft Intune.

The reason that this is such a major cloud milestone is that compliance to the ISO/IEC 27018 standard assures enterprise customers that privacy will be protected in several distinct ways.

The first way in which the standard protects privacy is that Microsoft will only process personally identifiable information according to the instructions that the customer provides them.

Secondly, customers will know exactly what is happening to their data. Adherence to the standard ensures transparency about Microsoft's policies regarding the return, transfer, and deletion of personal information the customer stores in their data centres.

Adherence to ISO 27018 also provides a number of important security safeguards. It ensures that there are defined restrictions on how Microsoft handles personally identifiable information, including restrictions on its transmission over public networks, storage on transportable media, and proper processes for data recovery and restoration efforts.

The standard also ensures that everyone who processes personally identifiable information, including Microsoft employees, must be subject to a confidentiality obligation.
Compliance to the standard also guarantees that Microsoft will not use any data for advertising without consent, while also informing customers about government access to data.

Writing on the Microsoft blog, Brad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, commented: 'As we've said before, customers will only use services that they trust.'
'The validation that we've adopted this standard is further evidence of our commitment to protect the privacy of our customers online.'

End of article

Talk to IT Force!

As a Microsoft Gold Partner and solutions provider, IT Force can work with you to identify the best Microsoft solutions based on the needs or your business.  If you are already a Microsoft user, we can help to ensure that you are getting the most out of your applications.  Call us today on 01 5546 000 or fill in the contact form below.

Contact us about Microsoft Solutions

Share this:

Share this: