CloudSigma is Certified for Privacy Protection 

ISO 27018 Certified Public Cloud 

CloudSigma holds the international auditable standard of ISO/IEC 27018:2019 for Information Security Management System applied to the following services – Infrastructure-as-a-Service (IaaS), Cloud-as-a-Service (CaaS), Software-as-a-Service (SaaS), and Platform-as-a-Service (PaaS). 

ISO/IEC 27018:2019 is the international standard on managing the protection of personal data in the cloud. You can review the
requirements to obtain the certificate here.

 What Does ISO 27018 Guarantee?

• The ISO/IEC 27018 certificate ensures that cloud service providers who process Personally Identifiable Information (PII) under contract to their customers operate their services in ways that allow both parties to meet the requirements of applicable legislation and regulations covering the protection of PII.
• It aims to create a common set of security categories and controls that can be implemented by a public cloud computing service provider acting as a PII processor.
• The certificate provides a common compliance framework for public cloud service providers, in particular those that operate in a multinational market.

 


From the onset, we’ve held customer privacy in the highest regard, regardless of the location of our cloud provider.
However, after the US NSA Prism scandal, we looked into privacy issues even closer to ensure the highest protection of
our customers’ data no matter what. We were pleased to learn of CloudSigma’s Swiss-based cloud,
which became another big selling point for us. – Amit Chaudhary, Co-Founder @ Grepsr

 

Certification Characteristics & Requirements

 
privacy protection 1

ISO/IEC 27018 helps the public cloud service provider comply with applicable obligations when acting as a PII processor, whether such obligations fall on the PII processor directly or through contract.


 
privacy protection 2

The certification enables the public cloud PII processor to be transparent in relevant matters so that cloud service customers can select well-governed cloud-based PII processing services. It also assists the cloud service customer and the public cloud PII processor in entering into a contractual agreement.

 
privacy protection 3

The certification provides cloud service customers with a mechanism for exercising audit and compliance rights and responsibilities in cases where individual cloud service customer audits of data hosted in a multi-party, virtualized server (cloud) environment can be impractical technically and can increase risks to those physical and logical network security controls in place.

 
 

CloudSigma’s ISO 27018 Certification is available to download upon request.