When is a customized solution necessary?
Your company is included in the Roskomnadzor's list of scheduled inspections for compliance with the requirements of personal data legislation.
You process big amounts of personal data.
You are planning to migrate the infrastructure to Russia in compliance with the necessary requirements of the Federal Law “On Personal Data”.
This is not about you?
Learn more about the basic solution “Secure Cloud 152-FZ”
How we work
We carry out a full cycle of works on organizing protection of personal data in your company or carry out any stage of audit and bring the information system in line with the requirements of regulators.
We implement a PD processing system that complies with the requirements of the legislation in the Russian Federation.
Works are carried out in partnership with a FSTEC and FSB licensee.
Compliance with Federal Law No.152: project stages
As part of developing a customized solution, you can choose the scope of work that is
optimal for your business: consulting, documentation development and other.
- Business processes analysis We investigate the current business processes, determine the degree of their compliance with the requirements of the legislation.
- Preparation for solution development
- We formulate requirements for the protection of personal data.
- We determine the security grade.
- We model the relevant threats.
- We prepare a customized specification.
- Development of a security system We develop a technical project and a set of working documentation containing specific organizational and technical solutions to be implemented within the framework of the personal data protection systems.
- Implementation of the protection system We supply, install and configure information security tools. We develop internal documentation defining rules and procedures implemented to ensure information protection (instructions, regulations etc.).
- Performance evaluation We evaluate the effectiveness of measures taken to ensure the safety of PD in the form of certification or an expert opinion.
- Learn more
Application of requirements of FZ-152
The company uses one or more information systems to process personal data. It is necessary to introduce a system for protection of personal data to comply with the requirements of the Russian Federation’s federal legislation.
- Infrastructure audit and preparation of personal data protection system requirements.
- Selection of a basic or customized solution.
- Development of the necessary documentation package and support in case of possible checks.
The customer uses information systems of a certain security grade and have a certificate. It becomes necessary to transfer them to the cloud infrastructure.
- Development and creation of a personal data protection system taking into account solutions already used to minimize customer costs.
- Revision of existing documentation, its adaptation to the cloud infrastructure.
The company requires a complete set of documents for each information system that processes personal data. It is necessary to conduct an audit or compile missing documents on the existing personal data information systems.
Audit implementation and development of all necessary documentation for systems processing personal data in accordance with the requirements of the Russian legislation.