Cloud Security Compliance

Control and consent

The overarching principle is that the customer controls his own data. The cloud supplier is just allowed to process PII in accordance with the customer's instructions. PII can only be used for marketing and advertising purpose when the customer provides consent for it.

Security

Adhering to ISO 27018 defines restrictions on how providers may handle PII, including restriction on its transmission over public networks, storage on transportable media proper processes for data recovery restoration efforts.

Breach notification and communication:

When a data breach occurs that results into loss, disclosure or alteration of PII, ISO 27018 requires the provider to notify the customer of breach and to keep clear records about the incident.

Transparency

Prior to entering into a cloud computing services agreement, providers must disclose the name of any sub processors and possible locations where PII may be processed. The provider must be transparent about its policies regarding the return, transfer and deletion of PII that is stored in the data center.

Independent Audit

This requirement ensures that regular reviews of information security and general compliance by the cloud service provider are obtained through a third party independent audit.

FEATURES

It provides clarity regarding who is responsible for what between the cloud service provider and the cloud customer

Network Website Cloud Mobile App Security Penetration Testing (VAPT) Services, Cloud Security Compliance

It provides clarity regarding who is responsible for what between the cloud service provider and the cloud customer

BENIFITS

Inspires trust on the business as customers have greater reassurance to customers and stakeholders

To whom does ISO/IEC 27018 apply?
This code of practice applies to CSPs that process PII under contract for other organizations.

RELATED LINKS

https://www.infoworld.com/article/3000021/cloud-computing/iso-27018-compliance-heres-what-you-need-to-know.html

What Our Customers Say?

Valency Networks is a very techie company, focusing on a continuous improvement in service quality. Our customers like us exactly for that and that helps us keep our quality to the best extent.

Network Website Cloud Mobile App Security Penetration Testing (VAPT) Services

Valency Networks is our only preferred vendor because the way they find vulnerabilities in our network is par excellence. We hired them on a long term contract to top up our perimeter and wish to continue with them.

CTO

Fortune 50 Manufaturing Company, Pune

Hardly goes a day when I have not learnt anything new in cyber security space and IT technologies.

Team-mate

for 6+ yrs

Working at Valency Networks helps me gain great knowledge everyday.

Team-mate,

for 3+ yrs

Cloud Security Compliance

Features

Process

Benefit

FAQ

Related Links