Fully compliant with UK data security standards
Microsoft Azure Security Centre provides continuous security-health monitoring and threat-mitigation practices that are essential to the strong protection of services and data. These data centres comply, and have been audited to, with the following UK standards:
- ISO 9001:2008 is a global standard (published certificate) for managing the quality of products and services.
- ISO 27001:2013 is a widely-adopted global security standard that outlines the requirements for information security management systems.
- ISO 27002: 2015 which gives cloud service providers and customers secure and specific implementation guidance for ISO 27002 security controls, as well as provides additional security controls specific to cloud services.
- ISO 27018:2014 provides additional security controls not covered in ISO 27002 to give cloud service providers security control for Personally Identifiable Information (PII).
Azure is used by the UK Government G-Cloud initiative which supports easy procurement of cloud computing services for public-sector bodies in departments of the United Kingdom Government.
Azure has also attained Cyber Essentials PLUS certification meeting the requirements of the Cyber Essentials Scheme Assurance Framework, a UK government-defined scheme to help organisations protect against common cyber-security threats.