8 800 250-10-01Connect
Project solutions
Industry solutions
Оставить заявку

Information security

Consulting and professional services to protect IT systems of any purpose and complexity level

Information security

Increase the sustainability of your business

Business usually focuses on productivity and cost-effectiveness when developing corporate IT systems. Information security issues are not always given due attention. Besides, investing in building your own information security department and developing the competencies of employees is rarely expedient.

#CloudMTS offers a full range of consulting and professional services in the field of information security. We provide a comprehensive approach to data protection and compliance with industry and international standards.

Information security and data protection service portfolio

Information security audit

for an objective assessment of the current state and professional recommendations for the further security development
  • Information security audit (comprehensive survey)
  • Information security strategy development, including information security standards and concepts
  • Maturity level of information security management and assurance processes assessment
  • IT infrastructure security audit
  • Security analysis of critical information systems
  • Risk assessment
  • Instrumental security analysis, OSINT
  • Attack vectors identification, prioritization of remedial actions
  • Performing works with minimal impact on the IT infrastructure
  • Analysis of possible attacks consequences

Infrastructure protection

to reduce the risk of malicious threats and availability violations
  • Network device configurations analysis and management
  • Account Management and Access Rights (IGA)
  • Database and Application security
  • Unstructured Data Access Control (DAG)
  • Vulnerabilities management
  • Mobile device security
  • Protection against APT and 0-day attacks
  • Web application protection
  • Network infrastructure protection
  • Communication channels protection
  • Network access control
  • Leak protection and User Action Control (DLP)
  • Control of user and administrator actions
  • Public Key Infrastructure (PKI)

Management systems

consulting to ensure the transparency and effectiveness of security systems
  • Information security management (ISO/IEC 27001)
  • Information security risk management
  • IT service management (ISO / IEC 20000-1)
  • Business continuity management (ISO 22301)
  • Performance monitoring, metrics and reporting system
  • Information security training and awareness program
  • Development of organizational and administrative documentation

Compliance with the requirements

consulting for strict compliance with legal and industry regulatory standards
  • GIS Security (Order No. 17 of the Federal Service for Technical and Export Control)
  • Security of CII facilities (FL#187)
  • Security of personal data (FL#152)
  • GDPR compliance
  • Information system training and certification
  • PCI DSS compliance
  • PA-DSS compliance
  • PCI 3DS compliance
  • Compliance with the PCI PIN Security
  • Compliance with GOST R 57580.1-2017 (state standard)
  • Compliance with the Bank of Russia Regulation requirements No. 382-P/719-P

Cyber threat modeling

to assess the degree of readiness to counteract cyber threats
  • Penetration testing in Red Team mode (Red Team Assessment)
  • Wireless network security testing
  • Penetration testing
  • Cyber-learning
  • Social engineering testing
  • Load testing (DDoS emulation)
  • Information security solutions testing

Complementary partner services

Our partners
  • GIS certification (FSTEC Order No. 17)
  • PDIS certification (FL No. 152)
  • PCI DSS certification
  • Audit of the information security management system (ISO 2700x)

Additional features

Design and implementation of Information Security solutions

Firewalls, Web Security gateways, Proxy
Intrusion prevention systems
Traffic analysis systems
Email security gateways
Secure Remote Access systems: VPN, 2FA, OTP, NAC, MDM
Network Access Control systems, NAC
Secure Virtual networks, VPN / SSL VPN / GOST VPN
Data center communication channel protection
Virtualization protection, virtual infrastructure protection
System for web applications protection/ Web Application Firewall / WAF
Workplaces and servers protection: antivirus software, EDR, protection against NSD
Change and integrity control systems, configuration management (compliance)
Security analysis and penetration test automation systems
Security Development Lifecycle / SDLC / SSDLC / DevSecOps
Web application dynamic analysis tools / Web application scanners
Targeted attack protection systems: Sandbox, Honeypot, EDR
Threat Intelligence / TI, Cyber intelligence platform / Cybersecurity threat platform / Threat feeds / IOC
DLP / Data Leak Prevention System
Privileged access control/ PAM
Mobile Device Security / MDM
Information security and incident management systems, SIEM / Security information and event management system
SOAR and IRP- systems for information security incident management and response automation
Database protection systems

Ensuring compliance with the requirements of regulators and legislation

Bank of Russia Regulation No. 382-P
GOST R 57580.1-2017 (state standard)

Solutions from trusted vendors

Ready to entrust IT security to #CloudMTS?

Our partners



Data management in hybrid multicloud environments


BaaS и ФЗ-152 — особенности работы в защищенном сегменте


IaaS ФЗ-152: Всё о защите персональных данных в облаке


Corporate mail #CloudMTS


Что такое Публичное облако (Elastic Cloud)


Project solutions


Backup Commvault


Backup Veeam


Private Cloud


Аттестованные Облака ФЗ-152: концепция безопасности и решения С-Терра для виртуальной среды


Объектное S3-хранилище на базе Dell ECS


Построение гибридного облака на практике


Обновленная линейка Microsoft Online Services


Как автоматизировать процессы с помощью VMware vRealize Automation


Инструменты для анализа больших данных в облаке: детали всегда имеют значение


Облачные ИТ-решения в большом бизнесе: мифы, правда и холодный расчет


Обзор современных BaaS-решений для резервного копирования


Решения для оптимизации ИТ-инфраструктуры в сфере логистики

Article Article

Expert article

The Evolution of Web Application Firewall: From Firewalls to Machine Learning Cloud Security

Read the article
Expert article

Ральф Баер: пиксель, пиксель, огуречик

Read the article
Expert article

Знакомство с vRealize Automation

Read the article
Expert article

Kubernetes: open source против вендорского

Read the article
Expert article

Почему традиционные антивирусы не подходят для публичных облаков. И что делать?

Read the article

Вопросы и ответы

Sign up to #CloudMTS news updates