Will ISO certification help bring stronger confidence in the security of the cloud model?


Vote Up (13)

Good question!


ISO standards are created by global consensus with end users actively participating. They're also reviewed and updated on an ongoing basis to ensure relevancy. The family of ISO management standards, which includes ISO 27001 for Information Security, are all about processes, which means they are equally relevant for small and large organisations. All great reasons why the likes of ISO 27001 have become internationally recognised and respected...


Whilst ISO 27001 is a great all-rounder, ISO recognise the need for more specialist standards too. In fact, they have just released ISO 27032 which provides guidelines for cybersecurity.



Achieving certification to ISO 27001 is far more than simply gaining a membership. It requires a third-party Certification Body to come in and check the organisation meets the requirements of the standard. You must also have a re-audit every year to ensure you still complying and continually improving. As such, it is a much more powerful message to clients.


Google have had their Google Apps for Business certified to ISO 27001 to demonstrate their information security credentials to clients, helping to alleviate concerns you have mentioned.



Right behind them is Microsoft. How many chances do businesses get to compete on a level playing field with the likes of Microsoft and Google? ISO 27001 can provide that sort of credibility to cloud computing providers.



I hope that provides some food for thought. If you would like to read up more on ISO 27001, i've written the following article.



Join us:






Ask a Question