• Home
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
  • Events
  • Resources
  • SMB Spotlight
  • Newsletters
  • Sign in
  • Events
    • Follow V3 Events

      Sign up to receive email alerts about our events

      Sign up
  • Resources
    • V3resources 120x194
      Network Security Forensics For GDPR Compliance

      An effective network security forensics strategy can assist an organization in providing key compliance-related details as part of any post-incident GDPR investigation.

      Download
      V3resources 120x194
      10 ways to increase productivity with managed Office 365

      For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

      Download
      Find resources
      Search by title or subject area
      View all resources
  • SMB Spotlight
  • Sign in
  •  
    •  

      You are currently accessing V3 .co.uk via your Enterprise account.

      Personalise your on site experience

      Download and use the apps

      Access your subscription from outside of the office

      Get relevant news and insight straight to your inbox

      • Sign in
     
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
  • Follow us
    • RSS
    • Twitter
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • News
  • Reviews
  • Digital technology
  • Cloud
  • Data analytics
  • Digital leaders
  • IoT
  • Opinion
 
  •  

    You are currently accessing V3 .co.uk via your Enterprise account.

    Personalise your on site experience

    Download and use the apps

    Access your subscription from outside of the office

    Get relevant news and insight straight to your inbox

    • Sign in
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
V3.co.uk
  • Cloud Computing

Office 365, Dynamics and Intune achieve ISO 27018 cloud security standard

Microsoft doing everything it can to entice customers to the cloud

Cloud security
Microsoft is assuring customers it has all the security concerns of the cloud under control
  • Dan Worth
  • Dan Worth
  • @danworthV3
  • 16 February 2015
  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
0 Comments

Microsoft has secured independent security accreditation for several of its major cloud services, in a move that could entice more security-conscious firms to use its web-hosted services.

Microsoft has received ISO 27018 compliance, a standard created by the International Standards Organisation, which sets out measures to "protect personally identifiable information [PII] stored in a public cloud environment".

Brad Smith, Microsoft general counsel for legal and corporate affairs, announced the accreditation in a blog post.

“The British Standards Institute has now independently verified that ... Office 365 and Dynamics CRM Online are aligned with the standard’s code of practice for the protection of PII in the public cloud. And similarly, Bureau Veritas has done the same for Microsoft Intune,” he said.

“Microsoft is the first major cloud provider to adopt the world’s first international standard for cloud privacy. It’s another reason customers can move with confidence to the Microsoft Cloud.”

ISO 27018 contains several important requirements that Smith outlined as key to achieving the certification.

These include the stipulation that Microsoft processes PII in accordance with instructions agreed to with a customer and adheres to the original commitments concerning how it will use data.

“Adherence to the standard ensures transparency about our policies regarding the return, transfer and deletion of personal information you store in our data centres,” Smith wrote.

“We’ll not only let you know where your data is, but if we work with other companies who need to access your data, we’ll let you know who we’re working with.”

Microsoft must also ensure strong security protection for the data it collects, and not use it for advertising purposes.

“The adoption of this standard reaffirms our long-standing commitment not to use enterprise customer data for advertising purposes,” Smith explained.

Lastly the accreditation means that Microsoft must inform the customer if the data is ever requested by law enforcement agencies.

“All of these commitments are even more important in the current legal environment, in which enterprise customers increasingly have their own privacy compliance obligations,” he said.

“We’re optimistic that ISO 27018 can serve as a template for regulators and customers alike as they seek to ensure strong privacy protection across geographies and vertical industry sectors.”

Microsoft’s move to achieve ISO 27018 accreditation comes during a legal battle with the US government over access to data stored in the cloud overseas.

The case, which is still rumbling on, could have major repercussions for US cloud firms by making it almost impossible to guarantee data sovereignty, regardless of location.

  • Tweet  
  • Facebook  
  •  
  •  
  • Send to  
  • Topics
  • Cloud Computing
  • Law
  • Microsoft

V3 Latest

BT plan to close down conventional fixed-line phone network by 2025 and go all-IP
BT plan to close down conventional fixed-line phone network by 2025 and go all-IP

BT wants to make the public switched telephone network history within eight years

  • Communications
  • 20 April 2018
Facebook Login hijacked by hidden web trackers, claim security researchers
Facebook Login hijacked by hidden web trackers, claim security researchers

Personal data being purloined by third parties via Facebook Login API

  • Security
  • 20 April 2018
Apple: we've no plans to merger iOS and MacOS
Apple: we've no plans to merger iOS and MacOS

MacOS and iOS are better off apart, says CEO Tim Cook

  • Desktops
  • 20 April 2018
Oracle: Java SE 8 business users must buy a licence from January next year
Oracle: Java SE 8 business users must buy a licence from January next year

Or they'll no longer be entitled to updates and bug patches

  • Developer
  • 20 April 2018
Back to Top

Most read

Oracle: Java SE 8 business users must buy a licence from January next year
Oracle: Java SE 8 business users must buy a licence from January next year
Avast reveals more information detailing how hackers compromised CCleaner
Avast reveals more information detailing how hackers compromised CCleaner
BT plan to close down conventional fixed-line phone network by 2025 and go all-IP
BT plan to close down conventional fixed-line phone network by 2025 and go all-IP
  • Contact
  • Marketing solutions
  • Enterprise IT Events
  • About
  • Terms & conditions
  • Privacy policy
  • RSS
  • Twitter
  • Newsletters
  • Facebook
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017