For putting of personal data with 2nd, 3rd, 4th levels of protection.
See certificate
For putting of 3rd Class State Information Systems (SIS C3).
See certificate
Cloud-152 Advantages
Complies to requirements of
- 152-FZ, 1119-PP, 21 FSTEC Order, 378 FSB Order
- SIS (17 FSTEC Order)
- PCI DSS 3.2.1.,
- ISO\IEC 27001:2013
FSTEC-Certified information protection tools
at IaaS Level, however we do not force specific IPT and CIPF at Customer’s IS Level
Geographically distributed infrastructure
of Cloud, based on two Data Centers (NORD and OST)
Detailed SLA
Cloud based on verified solution and reliable support of vendors, so the high availability and performance metrics are guaranteed.
What Shall You Get:
Certified infrastructure, complied to requirements for protection of Personal Data and SIS at IaaS level; this infrastructure allows passing of regulator’s verification (we will sign the Commitment for Processing, we will provide the Threats Model, Technical Passport etc. for NDA)
Cloud based on VMware virtualization with vendor’s support and SLA
Assistance in preparation of documentation for regulatory authorities: threats models, technical design-project, organization documentation*
Selection, configuration and administration of protection tools for your IT-system (levels higher than IaaS)*
* additional services for provision of full compliance to 152-FZ
How we provide for the safety of personal data in Cloud-152
- Cloud-152 Equipment is located at the premises with protected perimeter , at Tier III Data centers NORD1 and OST, with 24x7 security personnel and CCTV monitoring.
- Cloud-152 deployed at dedicated equipment. Every rack equipped with ACS.
- Cloud-152 network segment is isolated from other Customers’ networks, Cloud management cluster also located on separate equipment.
How is arranged the Cloud that is 152-FZ compliant?
The Cloud built according to requirements of Government Decree 1119 dated Nov 01, 2012, Order № 17 FSTEC RF dated Feb, 11, 2013, FSB Order № 378.
- Virtualization environment’s protection tools (vSphere, certified version of VMware).
- New Generation firewall (NGFW)
- Intrusion Detection System
- Tool for control and monitoring of Privileged Users’ actions
- Anti-virus software
- Unauthorized access protection tool
- Security analysis toll (vulnerability scanner)
- GOST encryption via software-hardware system
Cloud Infrastructure deployed at two Data Centers in Moscow to allow realization of geographically distributed solution via DRaaS.
We will help to provide the compliance of your IT-systems (with levels higher than certified IaaS), via:
- WAF based on FortiWeb;
- Search and analysis of vulnerabilities based on Qualys;
- Multi-factor authentication based on SafeNet;
- Network protection based on NGFW FortiGate;
- Kaspersky Anti-virus;
- DDoS-attacks protection based on QRator, ServicePipe;
- SIPF ViPNet, С-Terra, “Continent” Hardware System for encryption
- Wallix/Internet Providers Actions Control System,
- Scanners BC-scanner, XSpider
- Kaspersky products
- SSL certificates and other tools.
SLA - your personal quality control
For all "Federal Law 152 compliant cloud computing" clients, we provide a detailed Service Level Agreement (SLA). Key parameters and indicators, we are financially liable for, are listed below:
99.982% guaranteed service availability
99.982% data center and infrastructure availability
8 minutes maximum downtime per month
MIPS / 1 vCPU ≥ 2800 processor speed
2000 IOPS/500 GB SSD guaranteed disk system performance
≤ 3ms average access time to SSD-disk
≤ 10 minutes incident response time
Why You Shall Choose Us?
Cloud-152 virtual environment certified to be compliant to152-FZ requirements, also to be compliant to international standards PCI DSS and
ISO 27001:2013.
Maintenance of infrastructure will be performed by our experts professionalized in security hardware.
We are financially responsible for the offence of guaranteed service specifications.
24х7 support via e-mail and telephone.
Frequently Asked Questions
No. When you put the data in Cloud-152, you met the law requirements at infrastructure (IaaS) level because we already made the required set of documents and correct protection tools for Cloud-152.
For your Data Transmission IS that is "higher" than IaaS you must also develop the documents and use protection tools that are correspond to Data Transmission IS protection level and type of current threats according to FSTEC Order #21. We are able to assist you for this task.
Yes, Personal Data Operator is entitled to trust the processing of Personal Data to the third party – for example, the Cloud Provider (paragraph 3, article 6, 152-FZ). For this case, you should sign the Commitment. The Commitment include the description of actions that provider entitled to perform with Operator’s Personal Data, Provider’s duties to maintain the confidentiality of Personal data, to provide Personal Data safety and protection according to the specified requirements.
Herewith the Personal Data Operator, not the Provider, will be responsible to Personal Data subject for 152-FZ requirements/ compliance.
Without the Commitment you will not meet the law requirement for transferring of Personal Data processing works to the third party, and provider will not be responsible to you concerning the 152-FZ requirements’ compliance.
The Law requires to maintain IT system’s compliance to 152-FZ. For Commercial Enterprises, it is sufficient to maintain the Cloud Provider’s certification and maintain your own Data Transmission IS compliance to requirements.
For Government Organizations the certification is mandatory, it places the restriction for IT system (the IS must not be updated).
We will deploy the infrastructure "from scratch", or arrange the migration:
- In virtual infrastructure on-premise,
- from other Cloud Provider,
- from hardware.
Upon the establishment on our Cloud, we will configure all protection tools and will assist you with documents, if required.