Get a demo
I hereby consent to the processing of my personal data specified herein by CROC, for the purposes and within the scope set forth by the Personal Data Protection legislation of the Russian Federation, in conjunction with the activities performed and for an indefinite term.
Solution of interest
Get a quote
I hereby consent to the processing of my personal data specified herein by CROC, for the purposes and within the scope set forth by the Personal Data Protection legislation of the Russian Federation, in conjunction with the activities performed and for an indefinite term.
Solution of interest
Try for free
I hereby consent to the processing of my personal data specified herein by CROC, for the purposes and within the scope set forth by the Personal Data Protection legislation of the Russian Federation, in conjunction with the activities performed and for an indefinite term.
Solution of interest
Ru
+7 (495) 974-22-74
Services Technology Customers About us Support
Blog
Get a demo

With us you can

Search by tags

Best month

SBI Bank Migrates to CROC's Hybrid Cloud
Dell Technologies Recognizes CROC as IT Transformation Leader
Main Technology

Cloud Certified for Compliance with Personal Data Protection Law ( 152-FZ)

To host personal data (PD) and PD systems in compliance with Federal Law 152-FZ, CROC Cloud Services offers either IaaS in a protected segment of its cloud or HaaS.

Here, personal data means any information related, directly or indirectly, to a particular individual, while personal data information system means a set of information technologies and tools installed in relevant databases and used to process personal data, like mail systems, directory services (e.g., Microsoft Active Directory, Novell eDirectory), business apps, etc.

Content

  1. Personal data classification
  2. Category-specific protection model
  3. Protected segment of CROC's Cloud In Detail
  4. Document and certification assistance

Personal data classification

Personal data is assigned a certain protection level (from 1 to 4) depending on data category, number of personal data subjects whose details are stored and processed by an operator, and relevant threats.


croc-cloud-schems20_2_eng-01.png

Category-specific protection model

CROC Cloud Services protects personal data of all protection levels by offering IaaS in a protected segment of CROC's cloud (protection levels 3 and 4) or HaaS with an extended set of security means, including hardware (protection levels 1 and 2).


croc-cloud-schems20_2_eng-02.png

Protected segment of CROC's Cloud In Detail

To protect personal data using IaaS, CROC Cloud Services employs a virtualization platform certified to process personal data of up to protection level 3 and confidentiality level 3 and provides individual protection for each customer's personal data information system. The above covers all technical and organizational protection measures required for personal data storage.


croc-cloud-schems20_1_eng-01.png

Technical protection tools certified by FSTEC and FSB and ensuring the target protection level:

  • Virtualization protection tools
  • Firewall
  • Communication channel cryptoprotection
  • Intrusion detection
  • Antivirus
  • Unauthorized access protection
  • Security assessment
  • Trusted load hardware-and-software modules

All the above is required by Russian law for storing and processing personal data in cloud infrastructure.

Document and certification assistance

CROC Cloud Services develops private threat models and sets of regulatory documents and guidelines compliant with Federal Law 152-FZ "On Personal Data":

  • Personal data security regulation
  • Design documentation
  • Plans
  • Instructions and rules
  • Orders
  • Acts
  • Subject's consent

We also assist in obtaining certificates of personal data system compliance with the required protection level.

See also

  1. CROC's proprietary cloud platform
  2. Security
  3. Infrastructure Services
  4. Private Cloud
  5. CROC Cloud services on Cisco technologies
  6. Technology vendors
CROC 2012-2019,
All Rights Reserved
www.croc.ru
Personal data processing policy
Services Technology Customers About us Support Blog
Get a demo
+7 (495) 974-22-74
cloud@croc.ru
www.croc.ru
Get a demo
Website design
Typesetting
and programming
JSC CROC incorporated uses cookies (files with data on previous visits) on this website to personalize and improve user experience, as well as Yandex Metrics and/or Google Analytics, and/or Facebook Pixels. By using this website, I confirm that I have been provided with an opportunity to decline/block cookies in browser settings or anonymize my web browsing in order to prevent usage of my personal data.