8 800 250-10-01 Connect
Services
Project solutions
Partnertship
Support
Useful
Company
Подключиться
Eng

Information security

Consulting and professional services to protect IT systems of any purpose and complexity level

Increase the sustainability of your business

Business usually focuses on productivity and cost-effectiveness when developing corporate IT systems. Information security issues are not always given due attention. Besides, investing in building your own information security department and developing the competencies of employees is rarely expedient.

MTS Cloud offers a full range of consulting and professional services in the field of information security. We provide a comprehensive approach to data protection and compliance with industry and international standards.

Information security and data protection service portfolio

Information security audit

for an objective assessment of the current state and professional recommendations for the further security development
  • Information security audit (comprehensive survey)
  • Information security strategy development, including information security standards and concepts
  • Maturity level of information security management and assurance processes assessment
  • IT infrastructure security audit
  • Security analysis of critical information systems
  • Risk assessment
  • Instrumental security analysis, OSINT
  • Attack vectors identification, prioritization of remedial actions
  • Performing works with minimal impact on the IT infrastructure
  • Analysis of possible attacks consequences

Infrastructure protection

to reduce the risk of malicious threats and availability violations
  • Network device configurations analysis and management
  • Account Management and Access Rights (IGA)
  • Database and Application security
  • Unstructured Data Access Control (DAG)
  • Vulnerabilities management
  • Mobile device security
  • Protection against APT and 0-day attacks
  • Web application protection
  • Network infrastructure protection
  • Communication channels protection
  • Network access control
  • Leak protection and User Action Control (DLP)
  • Control of user and administrator actions
  • Public Key Infrastructure (PKI)

Management systems

consulting to ensure the transparency and effectiveness of security systems
  • Information security management (ISO/IEC 27001)
  • Information security risk management
  • IT service management (ISO / IEC 20000-1)
  • Business continuity management (ISO 22301)
  • Performance monitoring, metrics and reporting system
  • Information security training and awareness program
  • Development of organizational and administrative documentation

Compliance with the requirements

consulting for strict compliance with legal and industry regulatory standards
  • GIS Security (Order No. 17 of the Federal Service for Technical and Export Control)
  • Security of CII facilities (FL#187)
  • Security of personal data (FL#152)
  • GDPR compliance
  • Information system training and certification
  • PCI DSS compliance
  • PA-DSS compliance
  • PCI 3DS compliance
  • Compliance with the PCI PIN Security
  • Compliance with GOST R 57580.1-2017 (state standard)
  • Compliance with the Bank of Russia Regulation requirements No. 382-P/719-P

Cyber threat modeling

to assess the degree of readiness to counteract cyber threats
  • Penetration testing in Red Team mode (Red Team Assessment)
  • Wireless network security testing
  • Penetration testing
  • Cyber-learning
  • Social engineering testing
  • Load testing (DDoS emulation)
  • Information security solutions testing

Complementary partner services

Our partners
  • GIS certification (FSTEC Order No. 17)
  • PDIS certification (FL No. 152)
  • PCI DSS certification
  • Audit of the information security management system (ISO 2700x)

Additional features

Design and implementation of Information Security solutions

Firewalls, Web Security gateways, Proxy
Intrusion prevention systems
Traffic analysis systems
Email security gateways
Secure Remote Access systems: VPN, 2FA, OTP, NAC, MDM
Network Access Control systems, NAC
Secure Virtual networks, VPN / SSL VPN / GOST VPN
Data center communication channel protection
Virtualization protection, virtual infrastructure protection
System for web applications protection/ Web Application Firewall / WAF
Workplaces and servers protection: antivirus software, EDR, protection against NSD
Change and integrity control systems, configuration management (compliance)
Security analysis and penetration test automation systems
Security Development Lifecycle / SDLC / SSDLC / DevSecOps
Web application dynamic analysis tools / Web application scanners
Targeted attack protection systems: Sandbox, Honeypot, EDR
Threat Intelligence / TI, Cyber intelligence platform / Cybersecurity threat platform / Threat feeds / IOC
DLP / Data Leak Prevention System
Privileged access control/ PAM
Mobile Device Security / MDM
Information security and incident management systems, SIEM / Security information and event management system
SOAR and IRP- systems for information security incident management and response automation
Database protection systems

Ensuring compliance with the requirements of regulators and legislation

FL#152
Bank of Russia Regulation No. 382-P
719-P
GOST R 57580.1-2017 (state standard)

Solutions from trusted vendors

Ready to entrust IT security to MTS Cloud?

Our partners

Video

Event

Data management in hybrid multicloud environments

1:30
Webinar

BaaS и ФЗ-152 — особенности работы в защищенном сегменте

2:05
Webinar

IaaS ФЗ-152: Всё о защите персональных данных в облаке

2:55
Services

Corporate mail MTS Cloud

4:24
Services

Что такое Публичное облако (Elastic Cloud)

Services

Project solutions

Services

Backup Commvault

Services

Backup Veeam

Services

Private Cloud

Webinar

Аттестованные Облака ФЗ-152: концепция безопасности и решения С-Терра для виртуальной среды

Webinar

Объектное S3-хранилище на базе Dell ECS

Webinar

Построение гибридного облака на практике

Webinar

Обновленная линейка Microsoft Online Services

Webinar

Как автоматизировать процессы с помощью VMware vRealize Automation

Webinar

Инструменты для анализа больших данных в облаке: детали всегда имеют значение

Webinar

Облачные ИТ-решения в большом бизнесе: мифы, правда и холодный расчет

Webinar

Обзор современных BaaS-решений для резервного копирования

Webinar

Решения для оптимизации ИТ-инфраструктуры в сфере логистики

Article Article

Expert article

The Evolution of Web Application Firewall: From Firewalls to Machine Learning Cloud Security

Read the article
Expert article

Ральф Баер: пиксель, пиксель, огуречик

Read the article
Expert article

Знакомство с vRealize Automation

Read the article
Expert article

Kubernetes: open source против вендорского

Read the article
Expert article

Почему традиционные антивирусы не подходят для публичных облаков. И что делать?

Read the article

Вопросы и ответы

Sign up to MTS Cloud news updates