Security and data protection: OVHcloud expands ISO 27001 and ISO 27701 certifications to all its cloud offerings
OVHcloud announced today that it has achieved new certifications in information security and data privacy, marking a new phase in its broader certification policy and commitment to customers.
With the newly obtained ISO/IEC 27001 and ISO/IEC 27701 for most of its cloud solutions, OVHcloud has further consolidated its arsenal in order to strengthen customer trust in the security of its infrastructure.
For these products and all supporting information systems, OVHcloud has implemented an Information Security Management System (ISMS) and Personal Information Management Systems (PIMS) evaluated by a third-party auditor as part of an in-depth audit. This audit resulted in the obtaining of:
- Certification according to the ISO/IEC 27001 standard supplemented by the requirements of ISO/IEC 27017, specific to cloud services security and ISO/IEC 27018 relating to the requirements of personal data protection. This certification enables all organizations and their DevOps teams to deploy services in OVHcloud’s environment in accordance with the highest security standards.
- Certification according to the ISO/IEC 27701 standard, to explain how the personal data hosted by its customers on OVHcloud solutions are specifically protected. This recent certification (2019), which still involves few players, is based on a global standard that reflects most of the requirements of the General Regulation on Data Protection (GDPR) in a standardised manner.
According to the IDC FutureScape study “Worldwide Cloud 2021 Predictions”, over 80% of enterprises evaluating cloud services for privacy-sensitive workloads will mandate the protection of data sovereignty and the ability to control the corresponding processes across the geographies concerned.
OVHcloud has been committed for many years to constantly improving the security of its information systems. In 2013, the European cloud leader achieved ISO 27001 certification for its Hosted Private Cloud solution and then in 2019 for its Bare Metal Cloud servers.
“Our certification policy is guided and shaped by the security requirements of our customers,” says Sylvain Rouri, Chief Sales Officer for OVHcloud. “We’re delighted to offer public- and private-sector organizations a portfolio of certified cloud solutions so they can host their data on infrastructures guaranteeing the highest level of security and data protection.”
"This dual certification, which applies to most of our cloud products, is an important step in our security approach. It provides a virtuous management framework to ensure that good security and personal data protection practices are considered and to improve transparency for our customers," says Julien Levrard, Chief Information Security Officer at OVHcloud.
XMCO supported this approach as internal auditor of OVHcloud’s management system. The external certification audit was conducted by the Laboratoire National de Métrologie et d'Essais (LNE).
For more about OVHcloud’s compliance and certification policy: https://www.ovhcloud.com/en-ca/enterprise/certification-conformity/