Doug Austin

Here’s a Standard Friday Post…About Standards Compliance…From Compliance!: eDiscovery Best Practices

It hasn’t even been eight months yet since I launched this blog, but I’ve already written numerous times about remote work during the pandemic – as well as use of cloud platforms to support that remote work.  But how do you know if the cloud platform you’re using is secure?  As this article from Compliance discusses, a lot of it is about whether or not they adhere to standards, especially ISO 27001:2013/17.

In their recent article ISO 27001:2013/17: The Best Defense Against Increased Cyberattacks, Compliance discusses the ISO 27001:2013/17 standard and why you should care about it. So, here are a few questions for you about ISO 27001:2013/17 – see how many you know the answer to:

  • What is the ISO 27001 intended to support?
  • When was the ISO 27001 standard originally published?
  • What do the “:2013” and the “/17” represent?
  • What does it take to become an ISO 27001:2013/17 compliant provider?
  • Once you become an ISO 27001:2013/17 certified provider, are you certified for life?  Note: I said “certified”, not “certifiable” (which is what you might become if you host your data with somebody who isn’t ISO 27001:2013/17 certified.

ISO 27001:2013/17 is only one of several certifications that you want to verify with your cloud provider – there are several others that personal information (including health information), management of data and even specific ones for the defense industry.  D-FENS!

So, what are the answers to those standards and the other questions?  The answers to these questions (and more) are available in their article here.  And, please share any comments you might have or if you’d like to know more about a particular topic.

Disclosure: Compliance is an Educational Partner and sponsor of eDiscovery Today

Image Copyright © Warner Bros.

Disclaimer: The views represented herein are exclusively the views of the authors and speakers themselves, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Assistant

Leave a Reply