ISO 27018:2019

We're excited to announce the addition of the ISO/IEC 27018:2019 Information Technology – Security Techniques – Protection of Personally Identifiable Information (PII) in Cloud Service Organizations framework to our growing list of supported compliance frameworks!

What is ISO 27018?

ISO 27018 builds upon the established ISO 27001 security framework by providing specific controls for protecting PII within cloud environments. It outlines best practices for cloud service providers (CSPs) to safeguard sensitive personal data and demonstrates their commitment to privacy.

Why is ISO 27018 Important?

• Enhanced Data Privacy: Following ISO 27018 guidelines ensure robust controls are in place to protect PII within the cloud, mitigating the risk of data breaches and unauthorized access.

• Increased Customer Trust: Demonstrating ISO 27018 compliance showcases your commitment to data privacy, fostering trust with customers who entrust their personal information to you.

• Regulatory Compliance: Many data privacy regulations, such as GDPR and CCPA, have overlapping requirements with ISO 27018. Compliance with this framework can help organizations meet broader regulatory obligations.

Who Needs ISO 27018?

• Cloud Service Providers (CSPs): Organizations offering cloud services that process PII can leverage ISO 27018 to demonstrate their commitment to data privacy and attract privacy-conscious clients.

• Organizations Leveraging Cloud Services: Businesses that store or process PII in the cloud can benefit from working with ISO 27018-compliant CSPs, ensuring their data is protected by robust security controls.

If you have any questions or issues, please reach out to your assigned Customer Success Manager. They'll be happy to assist you!

To view all the product updates, please click here.