The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.
ISO 27018 relates to the protection of personally identifiable information (PII), and as such, deals with one of the most critical components of the cloud—privacy. This standard is primarily focused on security controls for public-cloud service providers acting as PII processors.
ISO 27018 works in two ways:
- Builds off of existing ISO 27002 controls with specific items for cloud privacy
- Provides completely new security controls for personal data
Google Cloud Platform and G Suite are are certified as ISO 27018 compliant.