Information Security Management System (ISO/IEC 27018)
The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.
ISO/IEC 27018 relates to one of the most critical components of cloud privacy: the protection of personally identifiable information (PII). This standard focuses in two ways on security controls for public-cloud service providers that process PII:
• Builds upon existing ISO/IEC 27002 controls by adding specific items for cloud privacy
• Provides entirely new security controls for personal data
NSPECT.IO Uses Google for marketplace and other operations where Google Cloud Platform, Google Workspace, Chrome, and Apigee are certified as ISO/IEC 27018 compliant.
ISO/IEC 27018 is a security standard part of the ISO/IEC 27000 family of standards. It was the first international standard about the privacy in cloud computing services which was promoted by the industry. It was created in 2014 as an addendum to ISO/IEC 27001, the first international code of practice for cloud privacy. It helps cloud service providers who process personally identifiable information (PII) to assess risk and implement controls for protecting PII. It was published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27.
NSPECT.IO Uses Wix for marketplace which has been audited and certified as ISO 27018 compliant. The ISO 27018 certification outlines industry best practices for handling personally Identifiable Information (PII) in a public cloud computing environment.