UKCloud first British firm to achieve iso27018 information security certification
UKCloud has also successfully re-certified against the ISO20000 standard for IT Service Management for a further three years
UKCloud, formerly Skyscape Cloud Services Limited, the easy to adopt, easy to use and easy to leave assured cloud services company, announced that it has achieved certification against the ISO27018 information security standard, for the protection of personally identifiable information (PII) in public clouds, becoming the first UK company to be awarded this status by certification body, LRQA.
The recently introduced ISO27018 augments the existing ISO27002 standard’s control set with a specific focus on cloud privacy and the protection of personal data. Some of the ISO27018-specific controls include the disclosure of the geographic location of personal data, processes for the notification of data disclosures and data breaches, requirements to disclose details of sub-contracted processing activities, and regulations related to a customer’s right to access and delete personal data.
“As cloud computing becomes more widely adopted, public sector organisations with considerable data protection responsibilities understandably have significant concerns when it comes to how their information is processed, stored and protected,” said John Godwin, Director of Compliance and Information Assurance at UKCloud. “ISO27018 delivers a more comprehensive framework of controls when it comes to the protection of personally identifiable data in the cloud; our certification means our customer base, which is exclusively comprised of public sector organisations, can be assured that their data is in safe hands.”
With the upcoming introduction of the EU General Data Protection Regulation (EU GDPR) in May 2018, ISO27018 closely aligns with many of the requirements of this new data protection legislation. Indeed, it is expected to become an established method of assessing compliance against the new Regulation for cloud service providers.
Godwin added: “We’re pleased to be leading the way as the first UK company to have achieved certification against ISO27018. As an early adopter of the standard, we are once again demonstrating our continued commitment to delivering agile services with the highest possible levels of security assurance.”
One of the most highly accredited cloud services providers in the market, UKCloud has invested heavily in removing the biggest barrier to cloud adoption – security. UKCloud’s full range of services are suitable for all data at OFFICIAL (including OFFICIAL SENSITIVE) and are connected to Government networks including the Public Services Network (PSN), the N3 health network and others. Its UK sovereign cloud computing services are hosted in one (or both) of its highly-resilient. secure UK data centres located in Farnborough and Corsham, meaning that its customers’ data is never subject to foreign jurisdictional issues.