Security, privacy and compliance are core tenets for Microsoft’s cloud services. Last July the International Organization for Standardization (ISO) issued the first international standard regarding the processing of personal information by cloud providers known as ISO 27018. Microsoft Azure services have incorporated the controls that embody ISO 27018, building on the existing ISO 27001 standard with a code of practice and new controls for governing the processing of personal information by cloud providers. Microsoft is the first major cloud provider to have incorporated the ISO 27018 code of practice. In this article that recently appeared in the Chicago Daily Law Bulletin, Microsoft Assistant General Counsel Dennis Garcia provides an overview of ISO 27018.
ISO Sets Global Privacy Standard For Cloud