Moving your data into the cloud raises concerns about privacy. For some organizations, on-premises data solutions are still preferred, due to the fact that the data remains on your servers and in your data centers. Choosing to move that data to the cloud requires a considerable amount of trust between you and your cloud vendor. Microsoft understands that when you use their cloud services, you are entrusting them with your most valuable asset—your data. You trust that its privacy will be protected and that it will be used only in a way that is consistent with your expectations.
For more than two decades, Microsoft has been a leader in creating robust online solutions designed to protect customer privacy. Their approach to privacy and data protection is grounded in their commitment to organizations’ ownership of and control over the collection, use, and distribution of their data. Microsoft strives to be transparent in their privacy practices, offer meaningful privacy choices, and responsibly manage the data they store and process. One measure of their commitment to data privacy is their adoption of the world’s first code of practice for cloud privacy, ISO 27018.
The International Organization for Standardization (ISO) is an independent nongovernmental organization and the world’s largest developer of voluntary international standards. ISO 27018 gives specific guidance to cloud service providers (CSPs) acting as processors of personally identifiable information (PII) on assessing risks and implementing state-of-the-art controls for protecting PII. To remain compliant, Microsoft cloud services are subject to annual third-party reviews.
Mai Ali's Technical Blog 