Certification of IT security products

Our company is accredited as a testing laboratory performing Information Technology security evaluation and testing in accordance with the FSTEC of Russia mandatory provisions for information security products certification, "GAZPROMSERT" voluntary products and services certification, "ITSERTIFICA" voluntary IT products certification. The company has vast experience in testing domestic as well as foreign IT security systems.

Attestation of information systems

The attestation of information systems refers to a wide range of organizational and technical measures for confirming that the information system meet the requirements of standards and other guideline documents for information security, approved by FSTEC of Russia. Our company is accredited as a assessment laboratory for information systems security attestation in the FSTEC of Russia certification system. We accredited to conduct the certification of information systems of all types and security classes from the premises and stand-alone PCs up to distributed information systems.

Private data

Federal law of July 27, 2006 No. 152-FZ On personal data, Chapter 14 of the Labor Code of the Russian federation No. 197-FZ dated December 30, 2001, and the Russian Federation Government Resolution No. 781 dated November 17, 2007 established rules governing processing and ensuring the confidentiality of personal data of company’s employees as well as third-party individuals whose personal data are processed in the organization. Our company offers services for implementing personal data protection in order to meet the requirements of regulators.

Information Security Management Systems

In accordance with the FSTEC of Russia licenses ZAO “DOCUMENT SYSTEMS” carries out activities related to the development of information systems for processing confidential information. According to this the development of integrated Information Security Management System (ISMS) for the customer’s information system is conducted. Information Security Management System is developed on the basis of international standards ISO 17799 and ISO 27001, it allows to achieve the necessary level of information systems security and significantly reduce the risk of the implementation of information security threats.

Security evaluation

Our company conducts vulnerability assessment of information systems to confirm their compliance with the requirements of FSTEC of Russia guidelines, as well as the compliance with the requirements of international and national information security standards. The procedure of audit assesses the information security measures management as well as the effectiveness of security measures.

Penetration testing

Testing aimed at circumventing the security features of customer’s information system. Penetration testing is a worldwide popular service in the information security field. This type of testing enables to evaluate the actual level of security of company’s information resources from the position of an external attacker or malicious employee of the company.