![]() ISO 27017 was developed to reflect what it lists as “significant changes in how computing resources are technically designed, operated and governed.” It also notes that it’s not just a matter of cloud service providers maintaining security. It notes that the way cloud computing works means its possible to have a supply chain in which the same organisation can be both a cloud service customer and a cloud service providers. The guidance in ISO 27017 is designed for both providers and customers of cloud services. In practical terms, ISO 27017 builds on ISO 27002: it gives extra detail for some of the security controls and adds some new controls, both to increase relevance to the cloud computing sector. ISO 27018: guidelines specifically addressing how to protect personal data in the cloud.ISO 27017: general security guidelines for operating in the cloud.ISO 27002: a list of specific security controls an organisation could use.ISO 27001: guidelines for managing an overall information security management system.ISO 27017 works alongside with several other ISO standards. ISO 27017 is a relatively new publication from the International Organization for Standardization (ISO) dealing specifically with cloud computing. ![]() What is the new ISO 27017 standard and why should cloud customers and cloud services providers care? ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |