Network security auditors | Pune Mumbai Hyderabad Delhi Bangalore India Kuwait Dubai USA UK Australia New Zealand

This code of practice applies to CSPs that process PII under contract for other organizations.

What is the difference between "personal information controllers" and "personal information processors"?

In the context of ISO/IEC 27018:

"Controllers" control the collection, holding, processing, or use of personal information; they include those who control it on another company's behalf.
"Processors" process information on behalf of controllers; they do not make decisions as to how to use the information or the purposes of the processing. In providing its enterprise cloud services, Microsoft-as a vendor to you-is an information processor.

When should and organization adapt ISO 27017 and ISO 27018 standards?

If an organization consumes or provides cloud services, it should implement ISO 27017 standard at the earliest. If an organization deals with the Personally Identifiable Information (PII) of the customers, ISO 27018 implementation is must.

What does ISO 27017 implementation mean to a customer?

It demonstrates the organization's ongoing commitment to align with globally-recognized best practices and that the controls specific to cloud services are at place.

FEATURES

It provides clarity regarding who is responsible for what between the cloud service provider and the cloud customer

Network Website Cloud Mobile App Security Penetration Testing (VAPT) Services, FAQ'S

It provides clarity regarding who is responsible for what between the cloud service provider and the cloud customer

BENIFITS

Inspires trust on the business as customers have greater reassurance to customers and stakeholders

To whom does ISO/IEC 27018 apply?
This code of practice applies to CSPs that process PII under contract for other organizations.

RELATED LINKS

https://www.infoworld.com/article/3000021/cloud-computing/iso-27018-compliance-heres-what-you-need-to-know.html

Network Website Cloud Mobile App Security Penetration Testing (VAPT) Services

Valency Networks is our only preferred vendor because the way they find vulnerabilities in our network is par excellence. We hired them on a long term contract to top up our perimeter and wish to continue with them.

CTO

Fortune 50 Manufaturing Company, Pune

Hardly goes a day when I have not learnt anything new in cyber security space and IT technologies.

Team-mate

for 6+ yrs

Working at Valency Networks helps me gain great knowledge everyday.

Team-mate,

for 3+ yrs

FAQ'S

Features

Process

Benefit

FAQ

Related Links

What does ISO 27017 implementation mean to a customer?

FEATURES

PROCESS

BENIFITS

FAQ

RELATED LINKS