Course

Cloud Computing & Cloud Security

ISO/IEC 27018:2019 Protection of Personally Identifiable Information (PII) in Public Clouds course

This one-day course is designed for participant to understand ISO/IEC 27018 and use this standard as a reference for selecting PII protection controls when implementing a cloud computing information security management system based on ISO/IEC 27001. The participants will be to understand what are the commonly accepted PII protection controls for organizations acting as public cloud PII processors.

ISO/IEC 27018:2019 is a code of practice that focuses on protection of personal data in the cloud. It is based on ISO/IEC information security standard 27002 and provides implementation guidance on ISO/IEC 27002 controls applicable to public cloud Personally Identifiable Information (PII).

The protection of PII from both internal and external threats is a major concern for every organization, especially when held in the Cloud. This increases the requirement to have effective cloud security controls in place to address the risk to PII.

Participants of this course will be able to learn:

  • What is PII and how it affects Public Cloud
  • What is PII protection requirements
  • Benefits of implementing ISO/IEC 27018:2019
  • Information security risks encounter in public cloud services in relation to PII
  • Understand structure and controls applicable to public cloud services based on ISO/IEC 27018:2019
  • How to select and implement controls in a cloud computing environment
  • Examine and select controls from ISO/IEC 27018:2019 based on risk assessment, through case studies