Dropbox has announced that Dropbox for Business is one of the first major cloud service providers to achieve certification with ISO 27018 – an emerging global standard for privacy and data protection in the cloud.
The user privacy focused ISO 27018 standard is just a few months old, published in August 2014. It lays out many requirements regarding how Dropbox will and won’t use information.
It covers principles such giving a organisation control of its data, promising to only use personal information to provide the services you signed up for. You can add, modify or delete data from Dropbox when you need to.
Dropbox undertakes to be transparent about where your data resides on our servers and let you know who its trusted partners are.
ISO 27018 is designed as an enhancement to ISO 27001, one of the most accepted information security standards in the world and as part of adherence to ISO 27018 and ISO 27001, Dropbox will undergo annual audits by an independent third party to maintain these certifications.
Dropbox’s ISO 27018 certificate can be viewed here.
Dropbox claims it is one of the first companies to achieve ISO 27018 certification. It is confident this certification will help its customers meet their global compliance needs.