Cisco’s Webex, a leading unified communications and collaboration platform, has become the first of its kind to achieve adherence to the EU Cloud Code of Conduct (EU Cloud CoC) Level 3. This significant milestone was reached after undergoing an independent third-party assessment and audit, which verified the platform’s compliance with all code controls.
The validation was conducted by SCOPE Europe, the monitoring body of the EU Cloud CoC, providing double confirmation of Webex’s commitment to Level 3 adherence and reinforcing the platform’s compliance and security of its cloud services.
Cisco had previously made a public commitment in 2021 to incorporate the EU Cloud CoC controls into its solutions from the design stage. These controls were operationalized into the Cisco Cloud Controls Framework (CCF), which follows a “build-once-use-many” approach to compliance accreditation. By leveraging Webex’s existing certifications, including Japan’s Information System Security Management and Assessment Program (ISMAP), Cisco’s CCF facilitated a faster preparation for the EU Cloud CoC Level 2 and 3 assessments. The centralization of various compliance requirements through the CCF offered a unified strategy for understanding and meeting these obligations.
The adoption of this centralized approach benefits global cloud service providers like Cisco, which operates in over 100 markets with diverse compliance requirements. By converging security and privacy controls, Cisco Cloud Services (CCS) can ensure data protection by design and use the EU Cloud CoC controls as a baseline for global data protection requirements.
The EU Cloud Code of Conduct serves as an assurance framework for cloud service providers to demonstrate compliance with the EU General Data Protection Regulation (GDPR). It covers various aspects such as transparency, accountability, data minimization, data breach notification, and lawful data processing. The framework aims to empower individuals and enhance their control over their personal data, particularly regarding its storage in the cloud.
In line with its focus on security and compliance-oriented solutions, Cisco has made significant strides in 2023. During Cisco Live last month, the company showcased generative AI capabilities aimed at simplifying security policy management and improving threat response within its Security Cloud initiative. Additionally, Cisco introduced the Cisco Secure Access solution, powered by AI, to enable seamless access across different locations, devices, and applications while ensuring security.
Cisco has also established partnerships focused on security. Spectrum Enterprise joined forces with Cisco in May to enhance business cybersecurity solutions, introducing Secure Access with Cisco Duo and Cloud Security with Cisco+ Secure Connect to its portfolio. Furthermore, cloud-based email security vendor Abnormal Security launched new threat detection capabilities in collaboration with Cisco, providing enhanced security measures for Cisco platform users.
With these developments, Cisco continues to demonstrate its commitment to delivering robust security and compliance solutions to meet the evolving needs of organizations worldwide.