ISO/IEC 27018 is the international standard for protecting personal information in cloud storage. The term for the personal data it covers is Personally Identifiable Information or PII. ISO 27018 is a code of practice for public cloud service providers.
ISO 27002 Control 5.34 focuses on protecting Personally Identifiable Information (PII) by ensuring organisations implement policies, assign responsibilities, and comply with legal and regulatory requirements for privacy and data security.
Cybersecurity is a massive issue for business confidence. In today’s global marketplace, protecting customer data has never been more critical. ISO 27018 creates a robust global compliance framework.
ISO 27018 is particularly helpful for cloud service clients. It supports auditing for compliance against internal responsibilities. This is especially helpful when the data processor is a third-party cloud provider.