You’re negotiating a contract for cloud services. To clinch the deal, the cloud provider’s rep leans across the table, fixes her gaze and tells you, “By the way, the service is certified ISO 27018 compliant.”

ISO 270-what? Should you sign, or step back? IT execs will be increasingly faced with just such a choice, thanks to the advent of the ISO 27018 standard for protecting personally identifiable information (PII) in the cloud, which was adopted by the International Standards Organization (ISO) in July 2014.

See also: Gartner: Long hard climb to high level of cloud computing security

To read this article in full or to leave a comment, please click here