A New ISO Standard for Cloud Computing

Grazed from PrivacyLawBlog. Author: Mark Webber.

The summer of 2014 saw another ISO Standard published by the International Standards Organisation (ISO). ISO27018:2014 is a voluntary standard governing the processing of personal data in the public cloud. With the catchy title of “Information technology – Security techniques – Code of the practice for protection of personally identifiable information (PII) in public clouds acting as PII processors” (“ISO27018“), it is perhaps not surprising that this long awaited standard is yet to slip off the tongue of every cloud enthusiast. European readers may have assumed references to PII meant this standard was framed firmly on the US – wrong!

What is ISO27018?

ISO27018 sets out a framework of “commonly accepted control objectives, controls and guidelines” which can be followed by any data processors processing personal data on behalf of another party in the public cloud. ISO27018 has been crafted by ISO to have broad application from large to small and from public entity to government of non-profit…

Read more from the source @ http://privacylawblog.fieldfisher.com/2014/a-new-iso-standard-for-cloud-computing?utm_source=rss&utm_medium=rss&utm_campaign=a-new-iso-standard-for-cloud-computing