URIIT realizes following measures to ensure information security in the Khanty-Mansiisk Autonomous Okrug - Ugra:
- Implementation of information security systems in accordance with the requirements of FSTEC and FSB of Russia;
- Certification of personal data information systems, state and municipal information systems;
- Audit in the area of information security and the investigation of information security incidents;
- Normative and methodological support of information systems in the field of information security;
- Organizing and conducting training courses on information security.
URIIT offers a range of activities on certification of information objects, including:
- Forming requirements for data protection;
- Development of information security systems;
- Implementation of information security systems;
- Attestation of software and putting it into force;
- Ensuring the protection of information during the usage of certified software;
- Annual periodic monitoring of the protection measures effectiveness;
- Qualified technical support information of certified software.
All the measures are carried out in accordance with the licenses of FSTEC and FSB of Russia held by URIIT.
- Defining the institution's assets subjected to protection and defining the list of information, acting on these assets;
- Determination of protected information composition with respect to each of the required security criteria: list of information which should be provided with confidentiality, integrity and availability;
- Auditing organizational, administrative, legal aspects of institutions affecting information security;
- Inspection of the state of IT infrastructure and engineering systems;
- Auditing the major activity divisions of institutions and their employees engaged in providing the institution with information security;
- A penetration test (external, internal, complex, with or without personnel notification).
According to the audit results URIIT prepares a final report with recommendations of experts for removing threats and vulnerabilities. Moreover, organizations are provided with step by step instructions on how to improve the work of the structural units involved in implementing information security policies and regulations.
URIIT offers implementation of different information security tools with guaranteed technical support.
Specialists of URIIT are implementing the following protection tools:
- Programmatic and hardware-software facilities for protecting information from unauthorized access;
- Security systems for detection and avoidance of intrusions;
- Network security scanners (the analysis of security systems);
- Interconnected screen;
- Software for content analysis (DLP);
- Anti-virus software.
URIIT Training center provides the following courses in accordance with regulators of FSTEC:
- "Providing personal data security at their processing within the information systems of personal data";
- "Organization and normative and methodological provision of technical security of restricted information that does not contain state secrets in the government bodies of constituent entities of the Russian Federation, local government, organizations and institutions";
- "Complex protection of informatization objects".
The benefits of education at the URIIT Training Center:
- Seminars are conducted by highly qualified staff with vast practical experience in the field of information security;
- The Training Center is fitted with modern equipment;
- Coordinated training courses fully comply with the normative legal acts in the field of information security;
- The courses include practical exercises with using certified information security tools;
- The seminar program covers the issues of practical development of internal documents regulating the procedure for the processing and protection of personal data.