Issues of data privacy and security are central to most cloud contract negotiations. While cloud service providers may be willing to take responsibility for the integrity of their networks, accepting obligations in relation to data privacy and security typically requires more discussion. However, that discussion may now become a little easier as a result of the introduction of ISO/IEC 27018, the first international voluntary standard that focuses specifically on data security in the public cloud. Although ISO/IEC 27018 was published back in July 2014, it received a significant boost recently when Microsoft announced that it has become the first major cloud services provider to adopt the standard.
In this Alert, we outline some of the key requirements of ISO/IEC 27018 and consider what its adoption may mean for the cloud sector.
Please see full publication below for more information.