UKCloud, a company delivering multi-cloud solutions from a “government-grade” data center campus, has achieved certification against the ISO27017 information security standard – which specifically relates to the security of cloud services.
UKCloud has already been adhering to these and other recommended cloud security controls for some time. It became one of the first UK companies to be awarded ISO27018 certification (for the security of personal data in cloud environments) by LRQA in 2016 and is now one of the first companies to be awarded ISO27017, also by LRQA.
“Cloud computing acts as a critical foundation for the digital transformation being driven across central and local government as well as in healthcare, as the departments, local authorities and NHS trusts seek to do more for less while improving services for citizens and outcomes for patients,” said John Godwin, Director of Compliance and Information Assurance, UKCloud. “Our ISO27017 certification provides reassurance to these organisations that our cloud services comply with robust control frameworks and globally-recognised best practices. This allows them to focus on their innovation and transformation initiatives, safe in the knowledge that their cloud infrastructure is in the best possible hands.”
Like ISO27018 before it, ISO27017 augments the existing control set from ISO27001, the global standard for information security management systems. ISO27018 added controls that were specific to cloud privacy and the protection of personal data, while ISO27017 prescribes additional controls that are specific to cloud service providers.
UKCloud provides a wide range of multi-cloud services. Its UK sovereign cloud computing services are hosted from its “government-grade, highly-resilient, secured” UK data centers and connected to government networks including the Public Services Network (PSN), the N3 and HSCN health networks, and others.