Implementation of comprehensive information protection solutions is one of our top priorities. We have extensive experience and will help in improving protection of business processes against IT security threats and provide compliance with IT security requirements of regulators. SATEL has all the required IT security licenses (including state secrets) and provides the full range of IT security services – from existing system audit to development and support to integrated solutions.
IT SECURITY AUDIT
IT security audit is a most important phase in building a reliable IT security system in any company.
IT security system audit enables current status evaluation and plan next steps to improve security level.
Current status audit may discover vulnerabilities in an enterprise IT system and related risks, deliver external compliance and best IT practices assessment.
Upon results of comprehensive system audit or under dedicated processes, we will present visualized information on IT security status, identify information assets to be protected and also develop recommendations for improvement of IT security system status.
SATEL team will assist in building operational coordination of your corporate employees, allocating tasks and logging activities for improvement of IT security system.
Flexibility and tailored approach let us account for any and all specific requirements and business specifics of each individual entity in order to select an efficient enterprise data protection strategy.
SECURITY EQUIPMENT COMPLIANCE ASSESSMENT
Security equipment compliance assessment is a set of organizational and technological activities to confirm security equipment compliance, such activities enable prevention of data leaks via technological channels, unauthorized access protection and protection from any special data and data storage medium attacks.
Following functional assessment, a data protection system is tested to find out if security functions meet vendor specifications and if the system has a required level of confidence for protection mechanisms, their efficiency and coordinated performance capability. System confidence is tested by reviewing development practices, documentation, setting management and mechanism testing.
Assessment results could be certified by a document, confirming compliance with relevant data protection requirements.
Our specialists have extensive experience in certification and will help you create a data protection system depending on your business specifics.
PROTECTION AGAINST TARGETED ATTACKS
Targeted attacks are a set of activities, developed by intruders and focusing on a specific target – an entity, group of companies, industry or government agencies.
Targeted attacks are prepared based on specifics of a relevant potential target and are performed with a high degree of coordination. Intruders may dedicate much greater time and resources to such attacks, than any ordinary attack could involve. According to leading data protection vendor statistics, a successful targeted attack could remain undetected by security services for a very long period of time, during which there hidden extraction of valuable data could take place.
Contrary to common belief, protection against targeted attacks cannot be limited to implementation of Sandbox-class systems. Protection requires adequate alignment of processes, focused on prevention, detection, blocking and investigation of such attacks, and also on fine Sandbox integration with related systems (anti-virus systems, intrusion prevention systems etc.).
VIRTUAL ENVIRONMENT AND CLOUD INFRASTRUCTURE PROTECTION
Not many owners of virtual and cloud infrastructure would ever think that their protection has quite a few special features as compared to the classic approach for end device protection. Use of classic protective means in virtual and cloud infrastructures increases resource requirements of virtual machines, does not always protect from attacks between virtual machines and also makes them vulnerable to specific IT security events (for example, anti-virus storm).
Such solutions feature the following basic functions:
• Anti-virus protection
• Intrusion detection
Auxiliary functions of such solutions may feature:
• Integrity control
• Data encryption
• Event collection and analysis
• Application control
Virtual and cloud infrastructure protection solutions provide for optimized approaches to IT security development, thus increasing virtual machine density and maintain high levels of protection.
Architecture of our company’s solutions accounts for virtual environment and cloud infrastructure specifics and the company will help select a required protective toolset depending on each customer’s business context.
NETWORK PERIMETER PROTECTION AND NETWORK SECURITY
Corporate network perimeter protection is a required element of enterprise IT security, and current cloud technologies and user mobility call for new approaches to network security.
SATEL offers a comprehensive approach to resolve the following tasks: corporate network perimeter protection and monitoring, network intrusion detection and prevention, secure remote user access to corporate resources, corporate and data resource access, connection of remote offices via VPN, Internet access and use control, e-mail security; manual or automatic detection and prevention of DDoS attacks, mitigation of goodwill and financial losses due to possible Internet resource DdoS attacks.
IT system security is provided in compliance with requirements of applicable national IT security regulations.
SATEL has all required licenses to provide security for limited access information, where security requirements are set by an owner (commercial and other secrets):
• information, containing state secrets
• information, not containing any state secrets, which is a government information resource, for compliance with the following regulations:
o “Security requirements for information, not containing state secrets, kept in government information resources” (approved by FSTEC of Russia on 11.02.2013, № 17)
o “Special requirements and recommendations for technical protection of confidential information” (STR-K)» (approved by order of the Federal Service for Technical and Export Control of the Russian Federation of 30.08.2002, № 282)
• not containing any state secrets, which is personal data, for compliance with requirements of “Structure and content of organizational and technical measures to provide personal data security during data processing in personal data IT systems” (approved by order of FSTEC of Russia on 18.02.2013,№ 21)
ACCESS AND ACCOUNT MANAGEMENT
Management of user access to corporate resources provides protection of important information, mitigates risks of unauthorized use of IT systems and data integrity and availability.
Prior to letting an employee or a guest connect to a corporate network, they need to be checked against certain criteria, for example: what kind of device this is, which software it has installed, is its anti-virus up to date, who connects from this device. Answers to those questions give an opportunity to provide flexible access restrictions for corporate resources to various user categories and block access for users, failing to comply with IT security policy requirements.
There are several ways to control user access and device status. Selection of a specific solution depends on many factors, particularly, on corporate IT security department tasks. Our company has extensive experience in implementation of comprehensive solutions, integrating advanced network technologies into a common system for control of user access to corporate resources.
MOBILE DEVICE, WORKSTATION AND SERVER SECURITY
Corporate networks have seen major changes since introduction of inexpensive and convenient smartphones and tablets. Such changes have significantly expanded numbers of corporate network hubs and affected mobility.
Wide-scale use of smartphones and tablets led to dilution of security perimeter, since mobile devices operate outside the perimeter for quite some time, and most often their security is not controlled in any way. Overall, the factor of mobile devices in corporate networks cannot be ignored any longer, because this is a most convenient channel for infiltration of malware into corporate network.
To be able to protect against threats that may materialize in a corporate network via mobile devices of employees, it would be required to use a special IT security toolset, containing an anti-virus, firewall, intrusion prevention system, web-filter, VPN agent, vulnerability scanner.
Our company has a dedicated IT Security Department, which will help with selection of a required protection toolset depending on each customer’s business specifics.
INDUSTRIAL CONTROL SYSTEM (APCS) SECURITY
Automatic process control systems (APCS) are critical elements of business processes of many industrial enterprises, which makes protection of their safe operation an integral part of the process to provide overall corporate security.
At present, APCS development and upgrades lead to even deeper integration with other enterprise management systems, making APCS network data security as important as physical enterprise security issues. Any change in integrity or availability of APCS-processed data might lead to a technological process violation, which in turn might cause financial losses to an entity, environmental damage and fatalities.
Availability of highly skilled specialists with in-depth knowledge of customer industry and specifics of industrial system IT security projects gives us capability to implement projects of various scale and complexity levels.
CERTIFIED PRODUCTION OF INFORMATION SECURITY TOOLS
Information security tools, produced by SATEL,are compliant with the current FSTEC of Russia regulation for firewalls, making them available for confidential information protection.
Production of certified data protection tools lets Customers:
• Order unlimited certified equipment items without going through new application procedure with FSTEC of Russia and performance of the full certification testing cycle.
• Receive support for certified equipment during certificate validity period (software updates, patches, use advice).
• Certificate extension opportunity.
SITUATIONAL IT SECURITY CENTER (SOC)
Security Operations Center (SOC) is a comprehensive set of regulations, processes, skilled specialists and technology solutions, focused on performing IT security tasks.
SATEL’s SOC, operating under an in-house service center, offers the following outsourcing services for identification and processing of IT security incidents:
- IT security incident monitoring, investigation and response. 24/7 monitoring of IT security incidents with customer-supplied or SATEL-supplied technology tools. Upon occurrence, IT security incidents are investigated and assessed for possible outcomes. Response measures are based on IT security system and tool setting recommendations in order to prevent repeat occurrence of IT security incidents and improve overall security levels.
IT security system maintenance and outsourcing. 24/7 monitoring of IT security system availability and system recovery, if required. Software version updates and preventative maintenance. Policy management, development and optimization. New threat alerts and signature updates.
Vulnerability management. Regular Customer network and system scanning for inventory management and vulnerability testing. Analysis of results and generation of recommendations to eliminate critical vulnerabilities.
IT security system tech support. First line customer support, including consultations, equipment repair or replacement, on-site visits of service engineers.
We also provide situational center design and implementation services. Our specialists will assist you in setting up a SOC, meeting your corporate requirements and considering your business specifics.
GOSSOPKA INTERACTION MANAGEMENT
The Concept of Government System for computer attack identification, prevention and recovery (GosSOPKA) was introduced by the President of the RF in 2013.
GosSOPKA’ s primary purpose is control over protection of IT resources from computer attacks and also control over recovery of normal operations of such resources following computer incidents, caused by computer attacks.
SATEL specialists with hands-on GosSOPKA interaction experience are prepared to provide regulations and guidance documentation development services, technology solution development and interaction of security tools with GosSOPKA segment technical tools.