G
I'm helping a very small hosting service provider with their ISMS - ISO 27001:2013. I am at the beginning of the project, but am trying to foresee any potential obstacles/challenges. One of them is how should I treat this provider's clients' assets, e.g. their SaaS and PaaS instances like VMware images, mailing systems, etc.? Should I care about them at all or would it be enough to encompass all the contracts and NDAs this cloud provider has with their clients?
To spice a bit more, the provider does not have a data centre of their own, but rather uses some floor space in one big DC.
To spice a bit more, the provider does not have a data centre of their own, but rather uses some floor space in one big DC.
Last edited by a moderator: