ISO/IEC 27001 is a security management standard jointly published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO/IEC 27001 specifies security management best practices and comprehensive security controls. It is an optional standard that some organizations choose to implement, both to benefit from the best practices it contains and to reassure customers that its recommendations have been followed.
We'll help you determine which regulations your organization needs to meet.Contact Us
When using Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), or any other cloud service provider, security and compliance is a shared responsibility between the cloud provider and the customer. You as the customer are responsible for configuring and using cloud services in a way that complies with the applicable directives contained within ISO/IEC 27001.
DivvyCloud enables you to automate security and compliance with ISO/IEC 27001. DivvyCloud provides dozens of out-of-the-box policies as part of our ISO/IEC 27001 compliance pack that map back to specific directives within ISO/IEC 27001. For example, DivvyCloud’s policy “Access List Exposes Windows RDP to World (Security Group)” supports compliance with the “A.11.4.4 – Remote diagnostic and configuration port protection” directive in ISO/IEC 27001. You can immediately use the ISO/IEC 27001 compliance pack to identify and remediate policy violations in real time.