Microsoft Adopts International Standard for Protecting PII in Cloud

    Mar 24, 2015

    Software giant Microsoft recently announced it is the first major cloud provider to adopt the first international standard for protecting data stored in the cloud, ISO/IEC 27018:2014 Information technology -- Security techniques -- Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.

    Microsoft General Counsel Brad Smith stated in his blog that this means that companies using its cloud services:

    • Control their data; Microsoft will process personal data however the customer company has directed.
    • Know what’s happening with their data; Microsoft will be transparent about its policies regarding the return, transfer, and deletion of personal information stored in its data centers.
    • Can be assured that Microsoft is providing strong security protection for their data and won’t use it for advertising.
    • Will be informed when the government accesses their data, unless this notification is prohibited by law.


    © 2016, ARMA International