We’re happy to announce the release of a new white paper 13 Effective Security Controls for ISO 27001.
This paper provides insight into how organizations can use thirteen security principles to address critical security and compliance controls, and how these controls can fast track an organization’s ability to meet its compliance obligations using cloud-based services.
The thirteen principles are designed on best practices that are aligned to International Organization for Standardization (ISO) 27001, the Microsoft Security Development Lifecycle (SDL), and operational security for Microsoft online services. These security principles align with ISO 27001 controls. Of the 14 ISO 27001 groups and 114 controls, these key principles have the most relevance to secure development and operations and so are highlighted with recommendations.
These security principles are designed to make cloud-based solutions more resilient to attack by decreasing the amount of time needed to prevent, detect, contain, and respond to real and potential Internet-based security threats, thereby increasing the security of related services. By incorporating these principles and recommendations, customers can help mitigate and manage security risks from early stages of their adoption of cloud computing.
For more information and a summary of the controls, please see Alice Rison’s blog post.
We hope that you’ll be able to make use of these controls and find them helpful in secure your IT assets hosted in Microsoft Azure.