Subsidiary companies of Rosseti will receive protection against leaks for 130 million rubles

2017: Implementation of DLP in subsidiaries

In October, 2017 Rosseti announced competition on creation and development of a system of protection against leaks of confidential information (DLP) for the child structures. Project cost is estimated at 134 million rubles.^[1]

Subsidiaries of Rosseti will implement DLP

The solution should be implemented in seven subsidiaries of the customer:

• FGC UES
• "IDGC of the Northwest"
• IDGC of Ural
• Kubanenergo
• Tyumenenergo
• Yantarenergo
• "IDGC of Siberia"

A DLP system should have the centralized architecture. Its tasks will include ensuring effective control behind data transmission channels for identification and prevention of cases of unauthorized use of confidential information.

The software of a DLP system should include:

• monitors, analysis, settings of rules of work and reporting,
• means of data manipulation on the basis of free DBMS,
• control facilities of work of agency software of a system,
• means of dynamic intrusion detection of the malware
• operational documentation in Russian.

A system should work based on operating systems Windows (7 8/8.1 10) and Windows Server (2008 2008 R2 2012)

In Tyumenenergo, IDGC of Ural and "IDGC of Siberia" a system should function on the existing equipment, if necessary using means of virtualization. In Yantarenergo, FGC UES, Kubanenergo and "IDGC of the Northwest" a system should be delivered in the form of a hardware and software system. In addition created DLP should be integrated with information security systems of executive office of Rosseti.

The results of tender should be summed up at the beginning of December, 2017.

2014: Implementation of DLP at head office

Within implementation of internal security policies and also for the purpose of ensuring confidential information protection, in 2014 Management of information security of PJSC Rosseti initiated the project on implementation of technical subsystems of cybersecurity for control of information leaks and protection against them. By nuclear heating plant it was selected from quality of the contractor on the basis of the held competition according to Federal law 223-FZ, having offered the optimal offer on technological and price parameters.

The customer set the following tasks for the implemented solution:

• Ensuring control over the main transmission channels of confidential information in electronic form (including local and network methods).
• Leak detection when sending electronic messages or record for USB drives if these actions contradict the accepted security policy.
• Detection of the protected information on its contents (irrespective of a format of storage and transmission channels).

For project implementation the solution based on DLP technologies (Data Leak Prevention) using the product Infowatch Trafic Monitor Enterprise, in practice which showed high efficiency in the distributed heterogeneous systems that was required for meeting requirements of security in structure of PJSC Rosseti was selected.

The implemented solution allows to analyze data streams, crossing perimeter of the organization and to react to availability in them of confidential information by application active a component of a system, preventing leak. Recognition of confidential information, at the same time, is made also by the analysis of formal signs (for example, a signature stamp of the document, specially entered tags, comparison a hash function), and the analysis of content, including linguistic level. The applied combination of methodologies allows to provide reliable protection and a high probability of identification of incidents at the low volume of false operations.

Functionality of the solution:

• The automated audit of the locations of confidential information
• Control of compliance to the established procedures of movements of confidential information (creation and processing of incidents at illegal disclosure of a confidential information, with a possibility of their prevention)
• Tracking of the overall level of risks and their forecasting
• Control of information leaks in the mode of immediate reaction and within the retrospective analysis

The solution was implemented at head office of the company. Within project implementation of nuclear heating plant executed design of the solution, delivery program and hardware, implementation, a commissioning, performs operational maintenance. Process of implementation took 2.5 months.

Upon operation the solution was recognized effective that reduces possible material, moral, reputation and other types of the damage caused by leak of confidential information.

The achieved results:

• The implemented solution allows to analyze data streams, crossing perimeter of the organization and to react to availability in them of confidential information by application active a component of a system, preventing leak.
• Recognition of confidential information, at the same time, is made also by the analysis of formal signs (for example, a signature stamp of the document, specially entered tags, comparison a hash function), and the analysis of content, including linguistic level.
• The applied combination of methodologies allows to provide reliable protection and a high probability of identification of incidents at the low volume of false operations.

Notes