게시판내용 검색

사이트 게시판 전체검색

ISO/IEC 27018 Information Technology – Security techniques

CS Center

Tel. 02-6749-0701

AM 9:00 ~ PM 6:00

토,일,공휴일은 휴무입니다.

02.6749.0711
info@igcert.org

Resources

자료파일 배너


ISO/IEC 27018 Information Technology – Security techniques

페이지 정보

profile_image
작성자 igc인증원
댓글 0건 조회 3,318회 작성일 22-03-15 16:19

본문

ISO/IEC 27018 Information Technology – Security techniques

Code of practice for protection of personally identifiable information (PII)
in public clouds acting as PII processors

[ Introduction ISO/IEC 27018 ]

As much of our lives became richer online, various parts of our lives began to be shared online. As numerous people are involved online, personal identification has become essential to identify individuals online.

In addition, in cloud computing, where various sharing takes place, the need for such personal identification information and its security have become very important.

ISO/IEC 27018 is an international standard for protecting personal information for cloud services, especially for the protection of personal identification information.

ISO/IEC 27018 is based on ISO/IEC 27001 to establish an information protection management system and applies guidelines based on ISO/IEC 27002 in consideration of regulations for privacy protection within the information security environment of service providers.

In other words, we provide execution guidelines for the biggest purpose of protecting personal information in a cloud environment.

ISO/IEC 27018< ISO/IEC 27018 >

[ Necessity of ISO/IEC 27018 ]

  • •  Prevention of abuse and leakage of personally identifiable information
  • •  A more secure cloud service can be provided
  • •  Provide a reliable cloud
Information technology – Security techniques< Information technology – Security techniques >

[ ISO/IEC 27018 Requirements ]

  • Scope
  • Normative references
  • Terms and definitions
  • Overview
  • Information security policies
  • Organization of information security
  • Human resource security
  • Asset management
  • Access control
  • Cryptography
  • Physical and environmental security
  • Operations security
  • Communications security
  • System acquisition, development and maintenance
  • Supplier relationships
  • Information security incident management
  • Information security aspects of business continuity management
  • Compliance
  • Annex A (normative) – Public cloud PII processor extended control set for PII protection

If you have any questions, please contact us at the following email address.

E-mail: info@igcert.org

댓글목록

등록된 댓글이 없습니다.