Microsoft not cloudy on ISO cloud privacy

Microsoft this week claims to be the first company to adopt the world’s first international standard for cloud privacy.

The standard (known to its friends as ISO/IEC 27018) was developed by the International Organization for Standardization (ISO).


The standard exists with the intention of establishing a uniform international approach to protecting privacy for personal data stored in the cloud.

The British Standards Institute (BSI) has now independently verified that in addition to Microsoft Azure, both Office 365 and Dynamics CRM Online are aligned with the standard’s code of practice.

Personally Identifiable Information (PII)

The code of practice is meant to oversee the protection of Personally Identifiable Information (PII) in the public cloud.

Microsoft promises that its adherence to the standard ensures that the firm only process personally identifiable information “according to the instructions” that users provide.

According to, “Adherence to the standard ensures transparency about our policies regarding the return, transfer, and deletion of personal information you store in our data centers. We’ll not only let you know where your data is, but if we work with other companies who need to access your data, we’ll let you know who we’re working with.”

If we have a break-in, we will tell you

In addition, if there is unauthorised access to personally identifiable information or processing equipment or facilities resulting in the loss, disclosure or alteration of this information, Microsoft says it let you know about this.

Do you feel safer knowing that?

Okay not really, but it does get better…

Microsoft confirms that it will inform you about government access to data.

“The standard requires that law enforcement requests for disclosure of personally identifiable data must be disclosed to you as an enterprise customer, unless this disclosure is prohibited by law. We’ve already adhered to this approach (and more), and adoption of the standard reinforces this commitment,” said the company.

Progress then? Mostly yes – keep it up Microsoft.