RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
Project

Rosgosstrakh Bank completed the procedure of certification of security systems

Customers: Rosgosstrakh Bank (RGS-Bank, before Russia-Bank)

Contractors: Jet Infosystems
Product: Projects of external audit of IT and security (in tch PCI DSS and SUIB)

Project date: 2014/03  - 2014/07

Content

On July 22, 2014 Rosgosstrakh bank and Jet Infosystems company made a joint statement on project completion on reduction of payment systems of bank in compliance with requirements of the PCI DSS 3.0 standard.

Project Tasks

Amounts of data, processed in payment systems of bank do ensuring their security, including reduction of payment systems in compliance with requirements of the PCI DSS standard, one of paramount tasks.

"We realize interrelation between customer confidence, reliability of bank and its attractiveness as credit institution and partner for carrying out financial transactions ─ Konstantin Savin, the head of a processing center of Rosgosstrakh bank emphasized. – Therefore compliance of our information systems to the PCI DSS standard is perceived by us not so much as the certification necessary for the player of modern financial market, but as a fundamental component of strategy of cybersecurity of bank in general".

The partner in the project Jet Infosystems company.

Project Progress

At the first stage of the project experts of Jet Infosystems company inspected and estimated payment systems of bank regarding compliance to requirements of the PCI DSS standard, the overall level of their security.

According to the results of inspection the plan according to which normative and administrative documents are finished is created, segmentation of network is carried out, additional resources of data protection are implemented.

"In addition to auditor and certified tasks we were faced by the purpose to ensure real safety of information systems of bank. At the same time we saved balance between the principles of economic feasibility of the implemented means of protecting, their practical value and requirements for preserving of capacity of the IC of bank, − Elena Kozlova, the head Security Compliance of Information Security Center of Jet Infosystems company told. – The implemented means of protecting the solution of the class SIEM, control facility of integrity of systems, monitoring of activity of users in databases were among, scanning of vulnerabilities, two-factor authentication, etc. at the expense of what compliance to the standard was provided and the cybersecurity level of bank in general is increased".

Project Results

The final stage of the project - final audit, is carried out by the group of experts of Jet Infosystems company, not taking part in project works. Results of audit are accepted by international payment systems of Visa and MasterCard, ROSGOSSTRAKH BANK received the certificate of conformity.