Microsoft reaches milestone in cloud privacy with compliance to ISO 27018
Feeling unshakably confident about our data stored in the cloud is probably a disposition we’ll never quite reach, but Microsoft just made some headway in instilling us with some faith by making its Azure cloud computing platform, the first cloud platform to be certified as compliant with ISO (International Organization for Standardization) 27018.
Brad Smith, Microsoft’s General Counsel and Executive Vice President, Legal and Corporate Affairs, wrote in a blog post, “The British Standards Institute (BSI) has now independently verified that in addition to Microsoft Azure, both Office 365 and Dynamics CRM Online are aligned with the standard’s code of practice for the protection of Personally Identifiable Information (PII) in the public cloud.”
While Microsoft has in fact been following such standards already, gaining the certification is a benchmark in that we not only know what we can expect from the Redmond company in terms of what happens, or doesn’t happen, to our data, but it will help to create an industry standard that can, and should be followed.
The standard itself relates to transparency in what the government demands concerning stored data, with full disclosure to the customer if access should happen, and also transparency concerning what is happening to data in regards to the return, transfer, and deletion of personal information stored in Microsoft’s data centers. There will be security safeguards implemented as part of the standard relating to public use of data, and also relating to data recovery and restoration. Lastly, by adopting the standard Microsoft maintains that enterprise customer data will not be used for advertising purposes.
Microsoft has said numerous times that customers will only use services that they can trust. This certification, Microsoft hopes, will have scored some points with existing and future customers. Smith writes, “We’re optimistic that ISO 27018 can serve as a template for regulators and customers alike as they seek to ensure strong privacy protection across geographies and vertical industry sectors.”
In relation to what the government demands, Microsoft is still in legal wrangle with the U.S. Department of Justice
over emails stored in a data center located in Dublin, Ireland. Data, Microsoft says, the U.S. government has no right to demand access to. Encouragingly the Redmond company is a backed by some of the world’s leading media organizations and tech companies, as well as the Irish government.
Photo credit: Nathan O’Nions via photopin cc
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
