Case Study: Microsoft strengthens cloud security and privacy with BSI certification

Microsoft Sets a High Bar for Information Security

Microsoft wanted to strengthen trust in its cloud services as customers and regulators grew more concerned about data security, privacy, and the handling of personally identifiable information (PII). The challenge was especially important across Microsoft Office 365, Microsoft Azure, Microsoft Dynamics CRM, and its global data center infrastructure, where consistent protection and clear communication of privacy commitments were needed worldwide.

BSI helped Microsoft certify multiple cloud divisions to ISO/IEC 27001 and verify conformance to ISO/IEC 27018, the cloud privacy standard. This gave Microsoft third-party evidence of strong information security and PII protection controls, improved customer trust, supported compliance discussions with regulators, and reduced the need for individual customer on-site audits. BSI’s global reach also helped Microsoft bring its worldwide cloud operations under one consistent certification scope.

Microsoft

Tom Keane

Director