“customers will only use services that they trust”
The question on everyone’s lips when it comes to cloud storage is ‘Is my personal data safe?’ When you have confidentiality and compliance obligations to a client or customer, you need to be one hundred per cent sure your cloud provider can adhere to the same standards. So often, though, we commit private and confidential data to a cloud provider without really knowing how it is going to be treated.
Microsoft are the first global cloud provider to make a commitment to changing that.
We are delighted to see the first signs of a universal industry security standard that can keep up with the worldwide growth of cloud storage. Microsoft are leading the way as the first major cloud provider to take make a commitment to an international industry standard of cloud privacy. Their Azure, Office 365 and Dynamics CRM online products have all been brought into line with this new standard.
A New International Cloud Privacy Standard
The standard is known as ISO/IEC 27018, and was developed by the International Organisation of Standardisation (ISO) in the interests of a uniform industry standard to protect private data stored in the cloud. Its objectives are to implement controls and measures to protect ‘personally identifiable’ information stored in the public cloud environment in accordance with a rigorous framework of privacy principles.
The new guidelines are very clear on how cloud vendors should handle private data. Under the new standards, cloud vendors can only process personal information as directed by the customer. They put clear restrictions on the transmission of data over private networks and storage on transportable media, as well as its use by government and in advertising campaigns. ISO has also outlined correct processes for data recovery and restoration. All transferrals, deletions and modifications must be made clear and transparent to the customer.
The new industry standard will put the power back in the hands of the customer, giving them a clear say on how their data is stored, processed and used. Microsoft cloud customers can now move forward with greater confidence in the privacy of their data. Hopefully other cloud providers will be quick to follow suit.
Not convinced about the privacy of your personal or confidential client data in the cloud? Why not talk to us about the IT security and cloud hosting solutions we offer for barristers’ chambers?