Microsoft has become the first major cloud provider to adopt the world’s first international standard for cloud privacy which ensures that enterprise customers can move with confidence to the Microsoft Cloud.
According to Brad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, Microsoft, the announcement follows verification by independent auditors that Microsoft Azure, Office 365, Dynamics CRM Online, and Intune are aligned with ISO/IEC 27018, a standard which was developed by the International Organization for Standardization (ISO) to provide a uniform, international approach to protecting Personally Identifiable Information (PII) in the public cloud.
He said: “All of these commitments are even more important in the current legal environment, in which enterprise customers increasingly have their own privacy compliance obligations.
“We’re optimistic that ISO 27018 can serve as a template for regulators and customers alike as they seek to ensure strong privacy protection across geographies and vertical industry sectors.
“Today’s news is just one way we’ve been working to help strengthen privacy and compliance protections for our customers in the cloud. Last spring, we received confirmation from European data protection authorities that Microsoft’s enterprise cloud contracts are in line with “model clauses” under EU privacy law regarding the international transfer of data.
“And last fall, Microsoft became one of the first companies to sign the Student Privacy Pledge developed by the Future of Privacy Forum and the Software & Information Industry Association to establish a common set of principles to protect the privacy of student information.