Dropbox secures data privacy-focused ISO 27018 standard

Cloud storage giant hails privacy implications of latest ISO award

Dropbox has followed in the footsteps of Microsoft to become an early adopter of the privacy-focused ISO 27018 standard, which is used to signify how providers safeguard users’ cloud data.

The standard sets out a code of practice that governs how users’ personally identifiable information should be protected by cloud providers.

Organisations that adhere to the ISO 27018 code of practice, therefore, must vow not to use this information in sales and marketing materials, and must promise to provide users with details about where there data is kept and handled and to notify them straightaway in the event of a data breach.

Microsoft became the first cloud provider to achieve the standard back in February 2015, and cloud storage giant Dropbox has now followed suit, with the company explaining in a blog post how the standard should assure users about how it handles their data.

“We’ll be transparent about where your data resides on our servers. We’ll tell you what happens when you close an account or delete a file. We’ll tell you if any of these things change,” the blog post stated.

Read more about cloud storage

“We’re pleased to be one of the first companies to achieve ISO 27018 certification. Privacy and data protection regulations and norms vary around the world, and we’re confident this certification will help our customers meet their global compliance needs.”

Competing in the cloud

Coming to market with an ISO-backed cloud service is seen as increasingly important within the industry, as doubts about the security of off-premise products and services continue to bite.

The ISO 27018 has been granted specifically for the enterprise-focused Dropbox for Business file-sharing service, which the company claims is used by more than 100,000 businesses.

It was introduced in July 2014 as a follow-on to ISO 27001, which is geared towards organisations that are responsible for managing financial information, intellectual property, employee details and other data entrusted to them by third parties.

Dropbox, incidentally, acquired this standard in October 2014.

Read more on Cloud computing software