Elvis-Plus: The basic Entrusted Module (MZ automated workplace the airborne combat vehicle)

2020: The announcement of the solution for the protected remote access from mobile devices

On April 7, 2020 the ELVIS-PLUS company presented the solution on creation of the protected workplace for remote access – the mobile protected automated workplace The Basic Entrusted Module (MZ the automated workplace airborne combat vehicle). The Basic Entrusted Module (BEM) is developed in full accordance with requirements of FSB of Russia and FSTEC of Russia, the modern international standards in the field of data protection and intended for creation of the protected software environment on mobile computers and tablets. MZ the automated workplace airborne combat vehicle provides data protection of the user, controls integrity of the environment of information processing and prevents unauthorized access to the computer by reliable two-factor authentication of the user before loading of OS and transparent enciphering of all hard drive partitions the Russian cryptographic algorithms.

According to the company, the airborne combat vehicle checks integrity and the invariance of a hardware configuration and BIOS before start of OS, and after that using already checked a component, having got trust to "iron", controls the initial loader, the airborne combat vehicle Open Source, critical files and settings of the operating system. Such approach protects a mobile workplace from threat of unauthorized changes of the hardware and OS which can be result of actions of the malefactor or implementation of the malware.

The airborne combat vehicle ciphers all disk (Full Disk Encryption), i.e. the user data, the system section, time files, swap files, files magazines of applications, memory dumps and images of the workstation saved on a disk upon transition of the computer to sleep mode. Loss or theft of the computer does not threaten confidentiality of the stored data. The hard drive is ciphered using an algorithm of GOST P 34.12-2015 "Magma", and the user cannot get data access in the ciphered section without passing of control of integrity and the procedure of two-factor authentication. Each sector of a disk is ciphered by a separate key that does almost unsolvable a problem of interpretation of information by the stranger in case of theft or loss of the mobile device. Transactions of enciphering and interpretation take place in real time at the time of the appeal to a disk, is transparent for applications and the user and do not enter notable time delays as performance of cryptographic transactions is comparable with a performance of transactions of reading/record of a disk (for Core i5 on one main core the speed of enciphering is about 300 MB/s).

MZ the automated workplace airborne combat vehicle has the certificate of FSB of Russia as means cryptographic data protection (CIPF) on class KC1. For protection of interaction of the mobile device with the set MZ the automated workplace airborne combat vehicle with corporate network is used SOFTWARE "ZASTAVA-Client", providing enciphering traffic on the basis of protocols IPsec ESP according to GOST P 34.12-2015 "Magma", and firewalling a remote workplace. Software "ZASTAVA-Client" has certificates of FSB of Russia as a CIPF of class KC1 and FSTEC of Russia as class B firewall on level 4.

ELVIS-PLUS offers the flexible mechanism of delivery of MZ the automated workplace airborne combat vehicle providing the following options:

• Delivery of the mobile device with the preset MZ software set the automated workplace airborne combat vehicle and software "ZASTAVA-Client".
• The MZ software installation the automated workplace airborne combat vehicle on corporate or personal mobile devices of employees of the customer.

As necessary by delivery of MZ the automated workplace ELVIS-PLUS airborne combat vehicle can execute preset of the standard information security tools used in corporate network of the customer (antiviruses, agents of the DLP systems and so forth).

The organization of remote access of employees and their full online work can not only bring business to the following level, but also provide the companies certain competitive advantages. However at the same time it is important to comply one condition - full privacy protection of personal and corporate data. Otherwise all potential pluses risk to turn into big losses. Oleg Verner, the chief of Laboratory of the entrusted environment of JSC ELVIS-PLUS told