| Customers: PJSC VimpelCom
Contractors: Asteros Product: Projects of external audit of IT and security (in tch PCI DSS and SUIB)Project date: 2013/03 - 2013/05
|
The Asteros group completed audit of the organization of personal data protection (PDN) by request of VimpelCom operator, the press service of the contractor reported on May 21, 2013.
Requirements of the Federal Law
Since an exit of the first edition of the Federal law on personal data protection in 2005, the division of security VimpelCom consistently implements the comprehensive program of protection of PDN. For objective assessment of the current level of the organization of protection of PDN, the company management VimpelCom made the decision to book audit of corporate systems on compliance to requirements of FZ-152. The contractor of the project selects Asteros company.
Job
The key task set to the contractor — to provide the broad and objective picture of a current status of a system of protection of PDN, having revealed its strong and weaknesses. The main objects of the company on which personal data of clients and personnel are processed entered a circuit of the project.
The first stage
During the first stage of audit specialists of Asteros analyzed technology processing of PDN, the existing measures and means of protecting, designated potential zones for gain of information system protection, checked relevance of models of threats.
The second stage
On the next stage of the project the organizational and administrative documents regulating work with personal data were checked, reporting documentation with the detailed description of relevant security risks of PDN is prepared and recommendations about improvement of a system of their protection are developed. During the project additional resources of access control (ASKUD) and the solution for data protection from unauthorized access are set.
"Thanks to harmonious work of specialists VimpelCom and readiness to quickly provide information, necessary for audit, us was succeeded to complete the project within 2 months. Federal Law No. 152 is one of the most dynamic laws — changes in a regulatory framework are accepted annually therefore for us providing to the customer recommendations about improvement of a security system taking into account relevant amendments and the future emergence of the new version of the Federal Law was of particular importance" — Sergey Konoshenko, the director of the department of information security of the Asteros group noted.
"Telecommunication companies as the largest operators of PDN, some of the first began to bring the system of protection of PDN into accord with Federal Law No. 152 as confidentiality of subscriber information is the same obligation of operator as the continuity of providing communication services — Vyacheslav Kushchenko, the head of directorate on ensuring protection of tangible assets emphasized VimpelCom. – Ensuring protection of PDN is a permanent process within which it is necessary to work "for advancing". In this regard for us experience and competences of the partner company is of particular importance. Cooperation with Asteros allows us to minimize potential risks and to have the finger on the pulse of changes in the legislation".
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |