De Novo ISO/IEC 27018 compliance

ISO/IEC 27018:2015 (fully corresponds to DSTU ISO/IEC 27018:2015 in Ukraine) is an international standard developed specifically to ensure information security in cloud computing. It provides detailed guidance on selecting and implementing security controls for cloud service providers and users. Certification according to this standard indicates a high level of maturity of the company's information security management system.

ISO/IEC 27018:2015 certification guarantees that the company takes a comprehensive approach to the security of client data and takes all necessary measures to protect it. The standard offers a structured approach to information security management in cloud environments, in particular:

• Regulates the authentication, authorisation and management processes of access to cloud resources.
• Describes measures to protect data against unauthorised access, disclosure, alteration or destruction.
• Provides guidance on planning and recovery from information security incidents.
• Regulates relationships with third parties providing cloud services.

The standard contains many practical recommendations for implementing security controls such as data encryption, access control, security monitoring and incident response. In addition, ISO/IEC 27018:2015 is based on the ISO/IEC 27002 standard, which ensures compatibility with other information security management systems.