K2 Cloud Cloud Platform

Main article: What is IaaS

2025: Compliance with the requirements of GOST R 57580.1-2017 in terms of information protection

The K2 Cloud cloud platform fully complies with the requirements of the national standard of Russia - GOST R 57580.1-2017 "Security of financial (banking) transactions. Information protection of financial institutions. Basic composition of organizational and technical measures. " K2 Tekh announced this on January 17, 2025.

Independent assessment was carried out according to the "enhanced" level of protection (UZ-1). As a result, the compliance ratio was 0.94 (out of a possible 1.00), which is one of the highest indicators in the Russian public cloud market.

Such a high level of security is necessary for data storage credit non-bank financial institutions, as well as entities national payment system. Compliance with GOST P 57580.1-2017 allows you to post data classified as protected information in the K2 Cloud in accordance with the provisions of the Bank of Russia. In addition, the fifth level of compliance allows you to transfer to the K2 Cloud, critical processes such as money transfers or other financial transactions.

K2 Cloud's compliance factor of 0.94 with the requirements of GOST P 57580.1-2017 (UZ-1) ensures that the infrastructure and services of the cloud platform meet all the requirements of Russian law and the regulator.

Independent assessment of GOST requirements was carried out by the licensed auditor of PC "RAD KOP." The company has checked all the necessary documents, and also analyzed the operation of the cloud platform, network infrastructure and platform services, conducted an audit of all supporting informatization objects. In particular, auditors evaluated all processes, systems of organization and management of data protection, as well as lifecycle of automated systems and applications under development. As a result, PC "RAD KOP" confirmed the compliance of the K2 Cloud with the fifth, highest level of security according to the established requirements of the regulator.

In addition, K2 Cloud also successfully passed audits for compliance with the requirements of GOST R ISO/IEC 27001-2021 and GOST R ISO/IEC 27017-2021.

The first standard assumes compliance with the basic principles and methods of organization, control and management of information security. Passing certification means that the organization has an effective management system that reduces cybersecurity risks, including threats to privacy, integrity and availability of information. The second standard emphasizes specific requirements for protecting information in cloud environments. The audit was carried out by the certification body Test St. Petersburg.

The security of financial data requires the highest level of security and reliability from the cloud provider. K2 Cloud confirmed compliance with the requirements of national standards of Russia - GOST R 57580.1-2017, GOST R ISO/IEC 27001-2021 and GOST R ISO/IEC 27017-2021. The K2 Cloud audit took several months. During this period, third-party experts were able to verify the reliability of security systems in the K2 Cloud. It is especially valuable for us that such a high indicator of compliance with the GOST R 57580.1-2017 standard is one of the highest in the public cloud market in Russia, "commented Alexander Lugov, head of the information security group of the K2 Cloud cloud platform.

2024

Delivery of servers "PI DataRu"

K2 Tekh began cooperation with the domestic vendor of server and network equipment "DataRu Technologies." The manufacturer of solutions for IT infrastructure supplied servers of the DataRu PI series for the customer's cloud, which made it possible to significantly increase capacity taking into account current market requirements. K2 Tekh announced this on January 16, 2025. Read more here.

Obtain PCI DSS 4.0 Certificate of Compliance

K2 Cloud has received a certificate of compliance with the international PCI DSS 4.0 security standard. This means that the provider provides the necessary level of infrastructure security for payment systems. K2 Tekh announced this on December 17, 2024.

Obtaining a certificate indicates that K2 Cloud provides a high level of protection of customer payment information from unauthorized access, theft, fraud and other types of threats. Companies that store or process payment card data in the cloud also need to be audited annually and confirm compliance with the international security standard.

First of all, the PCI DSS certificate is required to be used by companies that store, process and transfer data bank cards. In addition, trade service companies that also have access to them must also be certified. As a responsible person, we cloudy provider are also certified annually according to the PCI DSS standard so that our customers can safely store and process virtual payment card data in their K2 Cloud infrastructure, "commented Sergey Zinkevich, Director of K2 Cloud.

The audit was carried out by OWNR Solutions (Ovnr Solutions LLC) for a month.

Placing StormWall Solutions

StormWall and K2 Tech announced the start of a partnership. K2 Cloud customers will have access to all the vendor's capabilities to protect sites, networks, services and IT infrastructures of any size from DDoS and other cyber attacks. StormWall announced this on December 4, 2024.

K2 Cloud offers the market cloud services and managed B2B services. Together with StormWall, which has an extensive network of points of presence and deep expertise in the field of cybersecurity, K2 Cloud customers will be able to significantly increase the speed and efficiency of repelling attacks on their services.

K2 Cloud decided to start cooperation with StormWall, relying on the provider's DDoS protection solutions, as well as the speed and high quality of StormWall technical support. The provider has the ability to quickly connect services in attack conditions, and also has a convenient and informative personal account. All this makes the vendor's solutions extremely relevant to ensure uninterrupted business protection against DDoS attacks.

The provider's portfolio of solutions available in K2 Cloud includes protection against DDoS attacks, WAF, AntiBot, CDN, hosting, which help provide comprehensive protection for web resources. With StormWall solutions, you can successfully cope with modern threats such as multi-vector DDoS attacks, carpet bombing and DDoS attacks at the L7 level.

{{quote 'author=said Ramil Hantimirov, CEO and co-founder of StormWall. | The partnership with K2 Cloud marks an important milestone in our commitment to protect companies from growing cyber threats. According to our data, in Russia the power of DDoS attacks in the third quarter of 2024 reached a critical level and amounted to 1.7 Tbit/s. At the same time, the number of complex multi-vector attacks increased by 18%. Today, DDoS attacks pose a huge threat to business, so it is especially important to offer companies reliable protection. And our collaboration with K2 Cloud is a key step towards achieving this goal,}}

Шаблон:Quote 'author=noted Sergey Zinkevich, director of K2 Cloud.

Availability of Astra Linux versions "Eagle" and "Voronezh"

The Russian operating system Astra Linux has become available to K2 Cloud clients. K2 Tekh announced this on July 22, 2024. Now users will be able to run in cloud virtual machines with OS with the support of the vendor. The ability to obtain licenses according to the subscription model will allow you to create reliable secure IT systems with minimal costs, conduct pilot projects and develop your own digital products and services.

Astra Linux is available to users of K2 Clouds in two security options: "Eagle" and "Voronezh." The Oryol security level is suitable for companies that need a reliable corporate OS and do not require special security tools. Voronezh is designed to work with the most sensitive data and provides the maximum level of protection - UZ-1.

K2 Cloud, in turn, provides users with the highest availability guarantees, providing a 99.95% SLA. According to K2 Cloud, for 77% of large businesses, availability is one of the main requirements when moving to the cloud.

K2 The cloud is always focused on customer needs, especially infrastructure and data protection. Astra Linux meets all important technical standards and security requirements, which is especially important in import substitution conditions. The presence of Astra Linux in K2 Cloud will allow companies to migrate to a domestic solution and use all the capabilities of the operating system without having to deploy it in their infrastructure. We are confident that Astra Group products will be in demand by our customers, "said Kirill Boyko, Technical Director of K2 Cloud.

As a vendor, we see our task in making the use of our products as comfortable as possible for companies in any sectors of the economy and approaches to building an IT infrastructure. The demand for Astra Linux has been growing significantly lately, as it is a solution with great functionality and a set of information protection tools. The OS is included in the register of the Ministry of Digital Development, has certificates from all regulators and can be used in various information systems, including processing any confidential data, "said Anton Rudevsky, director of work with partners and neighboring countries of Astra Group.

PT Cloud Application Firewall Solution Availability

K2 Cloud Positive Technologies and July 9, 2024 announced the conclusion of a technological partnership. The key area of ​ ​ interaction was the launch of the cloud product Positive Technologies - PT Cloud Application Firewall from K2 clouds Cloud. More. here