| Developers: | BI.Zone (Safe Information Zone, Bison) |
| Last Release Date: | 2024/02/26 |
| Technology: | MDM - Master Data Management |
Content |
The main articles are:
BI.ZONE Compliance Platform automates the accounting of personal data and provides the ability to centrally manage all data processing processes in all branches of the organization through a personal account.
2024
Red OS Compatibility 8
BI. ZONE EDR and BI.ZONE Compliance Platform are compatible with Red OS 8. Red Soft announced this on August 2, 2024. Read more here.
KII Cybersecurity Compliance Management Module
On February 26, 2024, the company BI.ZONE announced that the BI.ZONE Compliance Platform has a compliance management module. cyber security CUES The platform will help organizations fully automate compliance with the requirements of the Safety 187-FZ and critical information infrastructure RUSSIAN FEDERATION other documents, as well as ensure continuous updating of processes in case of changes in legislation.
As reported, these opportunities will be useful to all Russian companies that must comply with the requirements of the legislation in terms of CII. Among them are state bodies and institutions, organizations working with information systems and networks in health care, finance, science, transport, communications, power, defense and chemical industries and others.
Now they will be able to automate the implementation of changing requirements for KII cybersecurity, design a system for protecting critical information infrastructure (OKII) facilities and reduce the risks of violations in the processes of their work. This provides companies with protection from the consequences of cyber incidents, including leaks of confidential information, violation of business processes, damage to reputation. In addition, administrative and criminal liability is provided for violations of the legislation under the CII.
The main tasks that allow you to automate BI.ZONE Compliance Platform:
- Accounting for processes, including critical ones. The module provides information about each process of a CII subject, including a list of OCII, process participants and possible negative consequences of violations.
- Categorization and reclassification of OCII. Now BI.ZONE Compliance Platform should analyze indicators of significance criteria for each OCII, determine its category of significance in accordance with Government Decree No. 127. When changing the processes or characteristics of OKII, the service automatically updates the category.
- Development of threat model, terms of reference and technical design for creation of OKII protection system. The processes of forming and updating the assessment of threats and potential violators for OKII have been updated: starting from this version, the platform takes into account infrastructure features and legislative requirements. In addition, users can prepare up-to-date documents on the threat model that meet regulatory requirements, perform technical design of OKII protection systems and form a terms of reference for them.
- Development of internal regulatory documents (GNI). The company's specialists will get rid of manual work and the need to track changes in regulatory requirements. When generating GNI, the platform takes into account the features and parameters of OKII.
- Assessment of CII protection. The module allows you to assess the organizational and technical measures of OKII protection already taken in the company for compliance with the requirements of the legislation, including orders of FSTEC No. 239, No. 235, No. 31. Based on the results of the assessment, users also receive recommendations for optimizing processes.
- Maintaining a list of incidents. BI.ZONE Compliance Platform stores incident data, keeps records of incidents, and automatically develops reports according to legal requirements.
 | The module is a significant addition to the BI.ZONE Compliance Platform. The use of the platform reduces the risk of fines from regulators. In addition, BI.ZONE Compliance Platform independently takes into account all changes in legislation. told Andrey Bykov, head of the BI.ZONE data protection consulting center |  |
2023
Astra Linux Special Edition Compatibility
Astra Group and BI.ZONE have tested the compatibility of the Astra Linux and BI.ZONE Compliance Platform operating systems, solutions for automating the implementation of the requirements of personal data protection legislation (PD) and government information systems (GIS). Astra Group announced this on December 19, 2023.
Following the tests, experts confirmed that all BI.ZONE Compliance Platform functionality is available to Astra Linux users. Thus, the solution can be applied to significant critical information infrastructure facilities, automated GIS and production and process control systems. Compatibility is confirmed by the Ready for Astra technology partnership program certificate.
With the help of BI.ZONE Compliance Platform, companies can evaluate the effectiveness of the applied security measures in information systems, develop and update a threat model, design a protection system and prepare for certification in accordance with Order of the FSTEC of Russia No. 77. The platform takes into account all changes in regulations and saves resources when updating documents. BI.ZONE Compliance Platform also automates the accounting of personal data and allows you to centrally manage the processing of personal data in all branches of the organization through your personal account.
| | We are constantly developing the BI.ZONE Compliance Platform, taking into account the peculiarities of the infrastructure and customer needs. Now organizations using Astra Linux can be sure not only that the built-in IPS will ensure the safe operation of the IT infrastructure, but also that the current legislation on the protection of PD and GIS will be complied with thanks to our product. Cooperation with Astra Group is a new step that will allow our clients to fulfill the requirements of regulators related to the need to transfer Russian organizations to domestic software, "said Andrei Bykov, head of the BI.ZONE data protection consulting center. | |
| | BI.ZONE Compliance Platform certification under the Ready for Astra program is, without exaggeration, of strategic importance. Based on the results of expert checks, we can 100% guarantee that the solution works correctly in a certified OS environment. Our team is grateful to our colleagues from BI.ZONE for cooperation and plans to continue its development, so that customers always have modern and appropriate technologies that allow them to automate the creation of a protection system, manage its processes and development, and quickly fulfill the requirements of regulators, "said Dmitry Tarakanov, Head of the Department for the Development of Technological Cooperation" Astra Group. " | |
Add features to automate legal compliance
BI.ZONE introduced the BI.ZONE Compliance Platform update on October 9, 2023.
The additional functions of the platform will allow companies to assess the effectiveness of the applied security measures in information systems, develop and update the threat model, design a protection system and prepare for certification in accordance with Order of the FSTEC of Russia No. 77.
Lack of resources and experienced personal data protection specialists (PDs) are the main difficulties that companies face when they need to ensure compliance with the requirements of PD legislation. BI.ZONE Compliance Platform allows you to automate relevant processes. Thanks to auto-update, the platform takes into account all changes in regulations and helps to save resources when updating documents.
As part of the update, the BI.ZONE Compliance Platform has features that make it a universal solution for automating compliance with legal requirements.
Now companies can use the platform to assess how applicable security measures in information systems comply with the requirements of the law. BI.ZONE Compliance Platform will analyze data on IT infrastructure and issue a report on compliance with the requirements of such regulations as FSTEC Orders No. 17 and No. 21, Government Decree No. 1119, FSB Orders No. 378 and No. 524. You can get acquainted with them and other orders and regulations directly on the platform.
After BI.ZONE Compliance Platform analyzes the applicable compliance protection measures, it will develop a threat model for the company - a document with a list of current security threats and analytics. This will help assess the possible risks and the likelihood of their implementation. The threat model will be automatically updated when your organization's infrastructure or legislation changes.
The BI.ZONE Compliance Platform will help organizations design information protection based on the analysis and current threat model.
Thanks to the functions that have appeared, the platform will also help companies prepare personal data information systems (ISDS) and state information systems (GIS) for certification or recertification in accordance with Order of the FSTEC of Russia No. 77. BI.ZONE Compliance Platform will develop a complete set of supporting documentation and update it with any changes.
| | Previously, BI.ZONE Compliance Platform focused only on compliance with PD legislation. It is now a tool that allows organizations to meet regulatory requirements for PD and GIS, automate the design of a practical information protection system, and prepare for certification. This makes BI.ZONE Compliance Platform an ideal choice for companies seeking to comply with the law, regardless of their specifics and area of activity, "said Andrei Bykov, head of the BI.ZONE data protection consulting center. | |
2022: The ability to fully automate most of the processes of processing and protecting PD
On March 17, 2022, BI.Zone announced that the platform now allows users to automate the management of personal data processing processes (PD) not only according to Russian, but also according to European GDPR standards.
Lack of resources and competent assessment staff protection of PDn are the main difficulties that organizations face amid the increased damage from. data breaches Breakings bases they hit reputation, cause an outflow of customers, and also threaten legal sanctions. The amount of fines for leaks personal data can reach impressive sizes - up to 18 million (rubles Federal Law of 02.12.2019 No. 405-FZ).
The BI.ZONE Compliance Platform addresses this by automating compliance and compliance processes. This reduces the risk of leaks and accountability for them, as well as personnel costs.
This version of the product fully automates most processes for processing and protecting personal data:
- threat modeling and risk assessment using statistics;
- Inventory of PD processing processes, systems involved and third parties
- Create documentation that meets 152-FZ and GDPR requirements, including any dynamic document designer
- conducting audits and assessments, preparing recommendations based on their results.
| | "The updated platform accelerates the construction of a mature process of personal data management from scratch by 40%. And the modeling of threats according to the current FSTEC methodology using the platform will take 3-10 times the Menshevremya, "- notes BI.ZONE Compliance Platform product manager Andrei Bykov. | |
Since June 2021, the product is included in the register of domestic software.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |