OutSystems Achieves ISO 27017 and 27018 Certifications for Cloud Security Compliance
August 2019 by Marc Jacob
OutSystems, provider of the number one low-code application development platform, announced that achieve two new cloud security certifications – ISO 27017 and ISO 27018.
As organisations develop, run and share a higher percentage of their applications on the cloud, stakeholders across the business are trusting platform providers to ensure their cloud-based environments are secure. These certifications demonstrate the high level of commitment OutSystems has to ensuring the privacy and protection of its customers’ data in the cloud.
Adding the two new certifications extends the OutSystems record of achieving the highest levels of compliance for the protection of customers’ mission-critical assets. The company’s SOC 2 Level II certification combined with the achievement of ISO 27001 and ISO 22301 certifications establishes OutSystems as meeting the five Trust Services Principles –providing Security, Availability, Processing Integrity, Confidentiality, and Privacy.
ISO 27017 and ISO 27018 builds on the principles of the ISO 27001 standard, which provides a checklist of controls for a company’s establishment, operation and maintenance of an information security management system.
ISO 27017 focuses on the protection of the information in cloud services. It extends to cloud computing providers controls in earlier compliance standards that governed information management and sharing by IT vendors.
Complimenting this, ISO 27018 outlines requirements for the protection and privacy of user data in the cloud. It provides a code of practice for protecting personally identifiable information (PII) in the cloud, which was adopted by the International Organisation for Standardisation (ISO).