When creating a cloud infrastructure for customers and delivering resources from Virtual Data Center and its own physical data centers, CROC uses and offers services which ensure protection from both typical (information leak, network attack) and cloud-specific (dependence on provider, failure to comply with regulations) threats. CROC provides security consulting services and employs solutions that guarantee uninterrupted operation of virtual infrastructure and help manage cloud service lifecycle.

Customers can also benefit from Security as a Service (SecaaS), which allows for information systems and customer data to be protected in CROC's special-purpose secured cloud.

Virtual Data Center cloud protection tools

Protection tools integrated into the Virtual Data Center ensure basic security and effectively delimit customers' resources.

Protection tools integrated into the Virtual Data Center include:

• Firewall
• Security of communication channels (VPN)
• Segmentation of customers' networks, resource access delimitation and control
• Information security event monitoring

CROC's secured cloud

In order to protect mission critical information (including personal data) hosted in its Virtual Data Center and physical data centers, CROC offers extra cloud-based security services to banks, financial institutions, and other companies seeking maximum data security and regulatory compliance and, therefore, leverages special tools which are certified by the Federal Service for Technical and Export Control (FSTEC) and the Federal Security Service (FSB) of Russia.

CROC's secured cloud is ideal for hosting information systems that process Russian citizens' personal data and thus require a set of certified security tools and systems to be in place. CROC's cloud security services ensure personal data protection as required by the effective legislation of the Russian Federation (Federal Law 'On personal data' No. 152-FZ of July 27, 2006; personal data protection orders and requirements set by FSTEC and FSB) with respect to personal data information systems of the third and fourth security levels.

CROC uses these tools in its comprehensive services in order to build personal data protection systems in line with a customer's model of potential threats. CROC enables customers to create unique or typical secured cloud solutions and saves them the trouble of configuring and maintaining individual components, solving compatibility issues, etc.

Principles of Building Private Cloud Security Architecture

Principles of Building Security Architecture

Key security services in CROC's cloud:

• Firewall
• Security of communication channels (VPN)
• Anti-virus protection
• Unauthorized access protection
• Analysis of vulnerabilities