RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
Project

MegaLabs completed the formation of a system concept of information security

Customers: MegaLabs (Megalabs)

Contractors: Asteros
Product: Projects of external audit of IT and security (in tch PCI DSS and SUIB)

Project date: 2013/10  - 2014/09

Content

On September 29, 2014 the Asteros group announced project completion on development of the concept of development of the direction of information security in Megalabs Ltd

Project Tasks

Having examination in the field of creation of the innovation products and monetization of technologies, "Megalabs" pays considerable attention to questions of information security and protection of intellectual property. Within the business development strategy in the medium term, in the company made the decision on unification of approach to questions of information security support, formation of uniform policy of cybersecurity, work planning in the direction. Involved the Asteros Information Security command in project implementation.

Project Progress

The first stage of the project is begun in October, 2013: specialists "Asteros Information security" booked audit of a status of cybersecurity in "Megalabs". Check was undergone:

  • personnel management,
  • cast and obligations for cybersecurity,
  • identification and classification of data assets,
  • assessment and processing of risks of cybersecurity,
  • physical security and protection against environmental activities,
  • network security,
  • access control,
  • work with mobile devices,
  • remote work,
  • anti-virus security,
  • backup,
  • management of vulnerabilities of information systems,
  • monitoring and incident management of cybersecurity,
  • providing Information Security in lifecycle of information systems,
  • vendor interaction and others.

Within inspection the analysis of the initial data obtained as a result of studying of documents on cybersecurity and a series of an interview with responsibles "Megalabs", assessment of degree of compliance of management systems and providing Information Security of the company to requirements of the international standards ISO/IEC 27001-2013 and ISO/IEC 27002-2013 is carried out. Experts "Asteros Information security" used own system of indicators of cybersecurity and a technique of their assessment. According to the results of inspection the directions of development of information security and the recommendation for increase in level of protection of information resources, proceeding from degree of their criticality for business are defined.

Within the next stage of "Megalabs" the development plan for the direction of information security for three years is created.

Final stage of the project the politician of "Megalabs" regulating the IB main directions turned on development of a set. According to the results of works the conceptual model of an end-to-end system of providing Information Security defining necessary processes, documents and the systems of providing Information Security, the plan of their implementation is provided to the customer.

Project Results

Implementation of the developed concept will help to create the effective system of providing Information Security, according to requirements of regulators and current trends in the field of data protection.

"The accumulated experience in area of project implementation, the concepts of information security connected with development, allowed us to develop own, effective approach combining advantages of modern techniques of strategic planning and management of cybersecurity which we successfully apply in work with the companies of any scale. The specifics of business of Megalabs are connected with an intellectual component in product development and services for subscribers MegaFon – for us it was useful experience, and we hope to continue cooperation already on implementation phase of actions for protection of information resources of the company", – Dmitry Biryukov, the head of practice noted audit and consulting "Asteros Information security".
"Implementation of the concept of development of information security prepared by consultants "Asteros Information security" for us is the first step to creation of an end-to-end system of providing Information Security. A number of the projects directed to improvement of processes and management systems and providing Information Security is provided in the closest development plans for this direction, – Evgeny Tulupov, the head cybersecurity of Megalabs Ltd told. – We thank our partners for the high level of quality of the performed works and we expect to continue successful cooperation".