Is Azure ISO 27001 certified

Azure Germany TÜV certified

TÜV seal for the cloud: Microsoft Azure Germany meets the international certification standard for information security management systems (ISO 27001) and the protection of personal data in public clouds (ISO 27018).

The use of the cloud raises questions in companies about the security of data and the legal permissibility of outsourcing sensitive information. For the German Azure cloud from Microsoft [1], TÜV NORD CERT has now certified the conformity of the information security management system according to ISO / IEC 27001: 2013 for the public cloud services.

This confirms that Microsoft is complying with its own high security standards as well as regulatory and legal requirements with regard to information security. In addition, compliance with ISO / IEC 27018: 2014 was established for the activities of the Microsoft cloud services that were checked. ISO / IEC 27018 requires the protection of personal data (PII) in public clouds.

The subject of the certification is the management of selected services from Microsoft Azure Germany by the operating company Microsoft Germany MCIO GmbH. For this purpose, Microsoft commissioned an independent audit of the information security management by the auditing company TÜV NORD CERT.

Part of the audit was in particular the review of the data trustee model, including the access controls to the customer data (role based access control) by the data trustee.

01/23/2017 / dr