ISO/IEC 27017:2015

Hubilo has earned the ISO/IEC 27017:2015 certificate that provides enhanced controls for cloud service providers and cloud service customers. Unlike many other technology-related standards, ISO/IEC 27017:2015 clarifies both party’s roles and responsibilities to help make cloud services as safe and secure as the rest of the data included in a certified information management system.

 

Hubilo provides cloud-based guidance on 37 of the controls in ISO/IEC 27002 but also features seven new cloud controls that address the following:

  • Who is responsible for what between the cloud service provider and the cloud customer
  • The removal/return of assets when a contract is terminated
  • Protection and separation  of the customer’s virtual environment
  • Virtual machine configuration
  • Administrative operations and procedures associated with the cloud environment
  • Cloud customer monitoring of activity within the cloud
  • Virtual  and cloud network environment alignment
bsi-27017
About ISO/IEC 27017:2015

ISO/IEC 27017:2015 is a unique technology standard that provides requirements for the customer as well as the cloud service provider. IT managers and other technical staff responsible for moving organizations to the cloud or expanding a cloud service engagement can reduce risks to their business by ensuring they understand their responsibilities and make more insightful decisions around their choice of provider(s). 

 

It provides guidelines for information security controls applicable to the provision and use of cloud services by providing:

  • Additional implementation guidance for relevant controls specified in ISO/IEC 27002.
  • Additional controls with implementation guidance that specifically relate to cloud services.
Certification Details
Certification: ISMS Cloud Security – ISO/IEC 27017:2015 Effective Date: July 20, 2021 Expiry Date: July 19, 2024 Certificate number: CLOUD 752020 (View it here)
Hubilo meets world-class data security standards

Hubilo is an ISO/IEC 27017:2015 certified organization that enables us to demonstrate a safer cloud-based environment to our users, thus enabling reduced risk of security problems.

See Other Certifications