Certification of IT security products

Our company is accredited as a testing laboratory performing Information Technology security evaluation and testing in accordance with the FSTEC of Russia mandatory provisions for information security products certification, "GAZPROMSERT" voluntary products and services certification, "ITSERTIFICA" voluntary IT products certification. The company has vast experience in testing domestic as well as foreign IT security systems.

Services provided in the FSTEC of Russia certification system

Types of certified products:

  • technical means of information security;
  • secure technical means of information processing;
  • technical means for monitoring the effectiveness of information security;
  • tools for information protection from unauthorized access;
  • protected from unauthorized access software for data processing;
  • software for controlling information protection from unauthorized access.

Procedure of certification testing:

  • testing for the compliance with the FSTEC of Russia requirements and guidelines for protection of information from unauthorized access;
  • testing for the compliance with the FSTEC of Russia requirements and guidelines for protection of information from leaking through technical facilities;
  • testing for the compliance with the FSTEC of Russia requirements and guidelines for absence of non-declared functions;
  • testing for the compliance with the requirements of standard GOST R ISO / IEC 15408-2002.

Types of certification:

  • certification of a single sample product;
  • certification of a lot of product identical samples with a fixed number of copies;
  • certification of production process of product identical samples with unrestricted number of copies;
  • certification, including testing of a single sample product and expertise of the process of production of certified products.

Services provided in "GAZPROMSERT" certification system

Types of certified products:

  • Software and products of information technology;
  • Activities related to the use of computers and information technology.

Procedure of certification testing:

  • certification testing of products, software and products of information technology for the compliance with the standard of Gazprom organization requirements;
  • certification testing and testing for the compliance with the standard of Gazprom organization requirements of the activity connected to security architecture design, installation, balancing and commissioning works and maintenance of systems and information security products including secure information systems.

Types of certification:

  • testing of a standard sample product;
  • testing of samples from a lot of product;
  • testing of each sample from a lot of product;
  • production analysis.

Services provided in "ITSERTIFICA" certification system

Types of certified products:

  • technical means of information protection from leaking through technical facilities, including means of monitoring the effectiveness of taken information security measures, the main and auxiliary technical means and secure information systems;
  • IT security products (software, technical and combined) for information protection from unauthorized access, access blocking and breach of integrity;
  • means of monitoring the effectiveness of IT security products;
  • management and control systems of dangerous production facilities;
  • secure software for information processing;
  • general purpose software;
  • IT security products for protection of information transmitted via telecommunications networks;
  • IT security products and systems in telecommunications networks;
  • organization’s information security management systems.

Procedure of certification testing:

  • assurance security level evaluation of IT security products and information technology products from unauthorized access;
  • assurance security level evaluation of absence of non-declared functions in the software;
  • conformity assessment of protection profile, security target's, technical requirements specification and standards.

Types of certification:

  • evaluation (testing) of a standard sample product and its documentation, supervisory control of the certified products;
  • evaluation (testing) of a standard sample product and its documentation, analysis of production (exploitation), supervisory control of the certified products;
  • evaluation (testing) of a lot of products and its documentation;
  • evaluation (testing) of a single sample product and its documentation.
English