Microsoft sets precedent for international standard for cloud services

Microsoft announced on Monday that it became the first major cloud provider to adopt an international standard for cloud privacy – which is also the world's first.

The standard was developed by the International Organization for Standardization (ISO) to establish a uniform, international approach to protecting privacy for personal data stored in the cloud.

“The British Standards Institute (BSI) has independently verified that in addition to Microsoft Azure, both Office 365 and Dynamics CRM Online are aligned with the standard’s code of practice for the protection of Personally Identifiable Information (PII) in the public cloud,” wrote general counsel and executive vice-president of legal and corporate affairs, Brad Smith, on the Microsoft blog.

And similarly, Bureau Veritas has done the same for Microsoft Intune.

Microsoft goes on explaining why this is important stating that the ISO 27018 assures enterprise customers their privacy is safe.

According to the blog post, Microsoft can only process identifiable data the customers provide, it’s obliged to notify the customers where their data is, and who else is using it (in case there are third parties in need of their data).

Microsoft assures its customers that their data is secure, saying that adherence to ISO 27018 provides a number of important security safeguards, and what’s most important, the new standard promises the data won’t be used for advertising.

The ISO 27018 states that the company offering cloud services must notify the client in case the government requests for disclosure of personally identifiable data.

The latter comes a week after Twitter released a report showing that governments asked the microblogging site for 40 per cent more data in the past year.