Ex Libris Achieves ISO 27018 Certification for Cloud Privacy
Becomes first vendor in the industry to adopt globally recognized standard for cloud privacy
Ex Libris® Group, a ProQuest company, is pleased to announce that the company has achieved certification for ISO/IEC 27018:2014, an international standard recently published by the International Organization for Standardization (ISO) that provides a code of practice for the protection of Personally Identifiable Information (PII) in cloud computing services. The ISO/IEC 27018 standard establishes commonly accepted control objectives, controls, and guidelines to ensure that PII data is adequately protected when processed by a cloud service provider, providing a common compliance framework for cloud service providers operating in multinational markets. This certification provides Ex Libris customers with confidence that Ex Libris protects personally identifiable information in the cloud to the very highest standards.
To achieve ISO/IEC 27018:2014 certification, a company must show a continuous, structured commitment to the protection of personally identifiable information and customer data. Throughout the process of becoming compliant with ISO 27018, Ex Libris demonstrated that the Ex Libris cloud environment protects personal information in accordance with data privacy laws, that customers retain full control of their data, that customers’ data will not be used for any unauthorized purpose, and that the company is transparent about where customers’ data is stored and how it is processed.
Ex Libris is committed to providing its customers with a highly secure and reliable environment for cloud-based SaaS applications. We have developed a multi-tier security model that covers all aspects of cloud services. The security model and controls are based on international protocols, standards, and industry best practices, including ISO/IEC 27001:2013, ISO/IEC 27018:2014, and CSA Star Self-Assessment.
“Everyone at Ex Libris is proud to have achieved the very significant ISO/IEC 27018:2014 certification for Ex Libris operations and data centers worldwide,” said Ellen Amsel, Ex Libris privacy and regulation officer. “As a pioneer in cloud-based SaaS solutions in our industry, we apply a ‘highest bar’ approach to implement the most stringent internationally-certified security standards. We believe that privacy is a right, not a luxury – and protecting our customers’ data and privacy is paramount.”
Adds Tomer Shemesh, Ex Libris information security officer, “We have a history of adopting global standards and the ISO 27018:2014 certification is just the latest example of Ex Libris placing customer needs first. Adherence to the standard requires a high level of sophistication in the handling of PII and a significant commitment of time and resources to the rigorous process. This ISO certification offers our customers absolute peace of mind about the safety and privacy of the customer information stored in our data centers and enables them to embrace our cloud services with unparalleled visibility, compliance, and data security.”