Microsoft has declared that its Azure ML service for predictive analytics with machine learning has achieved certification for security and privacy standards including ISO 27001 and the EU Model Clauses, a move designed to reassure potential enterprise users that their data will be safe.
Machine learning is a growing tool of interest for analysing large datasets and gleaning useful insights, and Microsoft launched its cloud-based Azure ML service a couple of years ago to take advantage of this.
However, concerns over moving sensitive data to public cloud services could prove a barrier to adoption of services such as Azure ML, and Microsoft aims to address this by gaining certification under several security and privacy standards, comprising the US HIPAA, ISO 27001, ISO 27018 and the EU Model Clauses relating to transfer of personal data to countries outside Europe.
"Enterprise customers often require that cloud services comply with specific security certifications. Compliance certifications provide assurance to customers that the security of these services has been verified by independent auditors," said Microsoft's principal programme manager for Azure, Krishna Anumalasetty.
ISO 27001 is an information security standard that includes specifications for an information security management system for keeping information assets secure. It also specifies best practices for documentation, access control, security, auditing and corrective and preventive measures.
Meanwhile, ISO 27018 is an addendum to ISO 27001, and taken together the two represent the code of practice for protecting personal data in the cloud. ISO 27018 gives specific guidance to cloud service providers acting as processors of personally identifiable information on assessing risks and implementing state-of-the-art controls for protecting it.
The EU Model Clauses are actually contractual clauses used in agreements between service providers and customers to ensure that any personal data leaving the European Economic Area (EEA) will be transferred in compliance with EU data protection law and meet the requirements of the EU Data Protection Directive.
Microsoft has invested in the operational processes necessary to meet the exacting requirements of the Model Clauses for the transfer of personal data to processors, the firm states on its website. It offers its customers Standard Contractual Clauses giving guarantees regarding transfers of personal data for Microsoft services.
This ensures that Microsoft customers can freely move data through Microsoft's cloud from the EEA to the rest of the world, the firm said.
AMD Ryzen CPU release dates, specs and price: AMD hints at Ryzen 7 2800X plan to counter 8-core Intel Coffee Lake CPUs
AMD believed to be holding Ryzen 7 2800X in reserve
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook