Creation of protection system and assessing the security of ISPD

Services related to security audit of personal data processing systems, creation of personal data protection systems, and providing reports on compliance

We help to make the clients’ information system of personal data (ISPD) compliant with the requirements of the Russian Federal Law on Personal Data No. 152-FZ.

We provide the following services:


  • Audit and creation of the personal data protection system
  • Independent assessment of ISPD security in accordance with the requirements of the Federal Law on Personal Data No. 152-FZ
  • Annual control of information systems security


Service
Security risk assessments of ISPD
Service cost
On request



Creation of personal data protection system and security assessment according to FSTEK Order 21


To bring information systems of personal data (ISPD) in accordance with the requirements of 152-FZ we conduct an audit of the PD processing, design a security system, provide a certified virtual infrastructure, develop a methodology and assess the security, prepare documents.


ISPD audit

  • Determining the list and categories of personal data, the criteria for classification, the basis for processing;
  • Analysis of the technology and methods of personal data processing;
  • Determining the groups and the list of persons approved for processing;
  • Analysis of organizational and technical security measures.

Creation of an information protection system

  • Development of threat models;
  • Designing the protection system;
  • Delivery and implementation of information protection tools;
  • Security assessment.

Statement of compliance

The result of a positive assessment of security is a statement of compliance of the information system of personal data to the following requirements:

  • Federal Law on Personal Data No. 152-FZ
  • Government Decree № 1119 from 01.11.2012
  • Decree of the Federal Service for Technical and Export Control №21 from 18.02.2013

The assessment may also result in recommendations to resolve the complaints and bring the processes of personal data processing in compliance with the requirements.

Request a sample Security Assessment Report from our managers at sales@cloud4y.ru


ISPD in the protected cloud according to the Federal Law on Personal Data No. 152-FZ

As part of a comprehensive service, we provide IaaS-infrastructure, certified УЗ-1, К1, to host PD of 1-4 levels of security.
Go to FZ-152 Cloud



The benefits of a complete solution

Certified infrastructure according to the Federal Law on Personal Data No. 152-FZ
Cloud solution Federal law 152-FZ allows hosting even the most sensitive data (1УЗ, GIS, 1K).
Highly qualified technical support
The company has a center of competence for the evaluation and development of systems for the protection of personal data.
One-stop shop concept
Our experts provide a wide range of services to bring the ISPD in accordance with the requirements of legislation and regulators.
Flexible billing system
Pay-as-you-go billing model. Various hardware and software configurations for rent or delivery.



Assessment of compliance with the requirements of 152-FZ


The service involves the independent organization of the system of personal data protection, which requires only an expert evaluation of security in accordance with the № 21 order of the Federal Service for Technical and Export Control from the licensee. During the evaluation, we also consult on all issues related to the 152-FZ.

We offer special prices for information systems hosted in Cloud4Y Federal law 152-FZ cloud


Conformity assessment

  • Defining the list and categories of personal data, the criteria for classification, the basis for processing;
  • Analysis of the technical means and methods of personal data processing;
  • Determining the groups and the list of persons approved for processing;
  • The analysis of organizational and technical measures to ensure security.
  • Development and approval of the program and methods of compliance assessment;
  • Security assessment.

Statement of compliance

The result of a positive assessment of security is a statement of compliance of the information system of personal data to the following requirements:

  • Federal Law on Personal Data No. 152-FZ
  • Government Decree № 1119 from 01.11.2012
  • Decree of the Federal Service for Technical and Export Control №21 from 18.02.2013.

The assessment may also result in recommendations to resolve the complaints and bring the processes of personal data processing in compliance with the requirements.

Request a sample Security Assessment Report from our managers at sales@cloud4y.ru




White Paper on personal data processing
A complete guide to processing and protecting personal data in compliance with regulatory requirements. Edition. 2021



Information systems security control


FSTEC Order № 21 obliges operators of personal data to perform annual security control

The service can be provided at special prices for information systems hosted in Cloud4Y cloud.


The list of works performed to control the protection of ISPD

  • Vulnerability analysis of information systems using automated scanners and vulnerability databases;
  • Control over serviceability and proper functioning of information protection tools;
  • Control over functional capability and proper functioning of information protection means;
  • Analysis of compliance with legal requirements to the protection of personal data;
  • Recommendations on the elimination of detected vulnerabilities and bringing the protection system in compliance with personal data protection requirements.

The assessment may also result in recommendations to resolve the complaints and bringing the processes the personal data processing in compliance with the requirements.

Request a sample Security Assessment Report from our managers at sales@cloud4y.ru





Why trust Cloud4Y
12 years in cloud computing
Since 2009 the company has been successfully operating in the EMEA cloud service market.
Reliable infrastructure
4 TIER III data centers, Enterprise level hardware and software: HP, Cisco, Juniper, NetApp, VMware, Veeam, Microsoft, etc.
SLA 99.982%
Optical ring, MetroCluster and redundancy mechanisms guarantee fault tolerance of services up to SLA 99.99%.
Transparent Billing Options
Hourly billing and pay-as-you-go allow you to pay only for the resources consumed.
Geo-Distributed Backup
Automatic backup (14 restore points) in a separate remote data center.
Flexible scalability
You can add and reduce the amount of resources without need to contact technical support service.
24/7 technical support
If any technical issue occur, our team of support experts is available round-the-clock, response time is 10 minutes.
Partner Program
Earn up to 35% of your annual contract. White Label is available.

FAQ


Answers to questions can be found in the knowledge base. If you do not find an answer to a question - post it our consultants online using online chat or send an inquiry using the support ticket system.

Send a request
Let our managers know if you are interested in a solution or a service. They will contacts you within 2 hours.
You also can request a free trial access here
Scroll up!