The Alef-Bank bank completes audit of an information security system

The Leta company completed the project of complex audit of a system of information security support of JSB Alef-Bank on compliance to requirements of the standard of Bank of Russia of service station of BR IBBS and to requirements for personal data protection and also for a system design of personal data protection according to the existing requirements.

Tasks

Within implementation of requirements of these standards the large-scale project on creation of the end-to-end system reducing the risks of direct and consequential financial loss entering model of threats of information security was started. The partner in the project specialists of bank selected Leta company as the enhanced service provider in the field of cybersecurity having a portfolio of successfully executed projects in financial credit institutions.

Solution

Within the project specialists of Leta execute a complex of works, including:

• the analysis of infrastructure of bank, organizational and administrative documentation in the field of cybersecurity and adjacent areas;
• inspection and preparation of recommendations about correction of business processes within which data processing of payment cards and personal data is conducted.

Also experts of Leta prepared necessary reports on security of personal data, according to a technique of service station of BR IBBS carried out the assessment of fulfillment of requirements of the standard and prepared recommendations about reduction in compliance with them an information system of the customer.

Objectives

Further Alef-Bank is going to continue, based on offers of Leta company, work on reduction of the information systems in compliance to requirements of the IB above-mentioned standards, to carry out implementation of necessary technical and organizational measures of protection.

Opinion

"For the organizations of the bank industry the problem of information security support is one of important requirements of business. At the same time the banking system is one of the few spheres in Russia where there are industry recommendations about information security support — Oleg Kiushkin, the head of department of information security noted "Aleph Bank". — This project was very important for our bank. Exact knowledge of all set of changes which need to be made in a system for the guaranteed observance of requirements of all fundamental standards cybersecurity is that base without which to start specific projects extremely risky. Considering special complexity of this task, we selected Leta company as the contractor".