Protected Virtual and Physical Infrastructure in Compliance with the Requirements of the Legislation on Personal Data Processing and Protection
- Dedicated personal data processing infrastructure compliant with the security requirements of Federal Service for Technical and Export Control (FSTEC) and FSS of the Russian Federation.
- Implementation of measures to protect information and provide the first level of protection (UZ1) in compliance with the requirements of Orders No. 17 and No. 21 of FSTEC of Russia.
- The protected infrastructure is based on geographically distributed data centers located in Moscow to implement a disaster-proof critical data processing solution.
- Cryptographic protection of communication lines in compliance with the requirements of FSS of Russia.
- The protection facilities used are certified by FSTEC and FSS of Russia.
- Accreditation of the deployed personal data information system up to and including UZ1.
- The protected infrastructure is provided based on the licenses issued by FSTEC for the activities of engineering protection of confidential information and FSS licenses for cryptographic data protection activities.
LOCALIZATION OF PERSONAL DATA IN COMPLIANCE WITH THE REQUIREMENTS OF 242 FZ
- The capability of implementing primary data processing infrastructure in the Russian Federation within a protected structure providing security measures up to and including UZ1 (processing of special categories of personal data).
- Arrangement of direct L2 connections with the Russian infrastructure having guaranteed technical specifications from abroad to provide access to primary personal data processing for international businesses.
SOLUTION ARCHITECTURE
- The protected infrastructure is based on M1 Data Center (125 Varshavskoye Avenue, Moscow) and DataPro Data Center (69 Aviamotornaya Street, Moscow). Each data center provides redundancy of all protection components.
- Cryptographic protection subsystem is based on AKPSH Kontinent's line of products and has the failsafe structure using Krypto Pro cryptographic algorithms.
- Subsystem providing secure internetworking and intrusion detection and prevention is realized using AKPSH Kontinent and APK Detektor Atak (Attack Detector) products and a failsafe structure.
- Subsystem ensuring security of virtualization environment is based on vGate R2 suite designed for protection of VMware environment.
- Antivirus protection subsystem is built using Kaspersky Security products.
- Unauthorized access protection subsystem is based on Secret Net products designed to provide protection of virtual host systems within operating under Microsoft Windows and Linux.
- Security level analysis subsystem is implemented using Xspider products.
- DDoS attack protection subsystem is supported by the connection to Qrator and Kaspersky traffic filtration services.
"By way of completing this form, by my own will and in my interests I give my consent to Stack Group, Limited Liability Company (OGRN 1137746371487) located at the address: 125319, Moscow, 6 Bolshoi Koptevsky Proyezd, premise IV, room 16, for the processing of my personal data for the purpose of communication with potential consumers of services and the products of the company.
My personal data, in respect of which this consent is being given, includes last name, first name, patronymic, job position, contact telephone number, e-mail address, company name.
Actions with my personal data, for which I give this consent, include, without limitation: collection, recording, systematization, accumulation, storage in the personal data information system, clarification (update, modification), extraction, use, depersonalization, blocking, deletion, destruction of personal data using automation aids or without the use of such aids, and other actions stipulated by the applicable legislation of the Russian Federation and required for the implementation of the aforementioned purpose of processing, as well as the transfer of personal data to any third parties, to which Stack Group, LLC, transfers the respective personal data in order to achieve the aforementioned objectives, subject to ensuring safety by these persons as to the aforementioned personal data, including their cross-border transfer to the countries that are parties to the Convention of the Council of Europe on the protection of private individuals with regard to automatic processing of personal data.
The Consent shall be valid for five years and shall terminate upon the occurrence of any of the following events: withdrawal of the consent to the processing of personal data, implementation of the objectives of personal data processing, upon expiration of the timeframes for personal data processing.
The fact of confirmation of the aforementioned is the mark in the field "Consent to the processing of personal data" before sending the data from the form".