Certified vs uncertified information security: regulatory requirements or a real need?

The question of the need to use certified information security tools, including cryptographic ones, has not lost its relevance for commercial organizations for a very long time. It is tirelessly discussed in the framework of meeting the requirements for ensuring the security of personal data, critical information infrastructure, information infrastructure of financial institutions and even government information systems.

Now GOST R 57580.1-2017 is coming to the fore, which must be met by the information systems of many companies in the financial sector from the beginning of next year. The document gives a weighty reason to once again plunge into reading a multi-page text in order to understand whether certified information security and information security tools are required?

Receiving a large number of similar questions, we decided to consider this topic in a comprehensive manner, both within the framework of GOST and other applicable legal documents. And, of course, share the result with you.

Despite the fact that the conclusions presented in this article are presented as applicable to financial institutions, they can absolutely freely be extended to any other company. After all, who among us is not a data controller?

A few words about ISS certification

โ€“ . , , , . , , - , , .

, , , . ( , ) , , โ€“ .

, , , .

.

โ€“ , , . , , โ€“ , , . , . ยซยป.

, , , :

  1. 57580, , 672-, 683-.

  2. : 382-, 672-, 683-, , .

  3. โ„– 321 โ„– 4-, , .

  4. ยซ ยป , , , , .

  5. ยซ ยป , , ,

  6. , , , -.

, .

, . , , , , โ„– 4-, , , 4 5 .

?

, , .

โ€“ 57580.1. , , , - . 672-, 683-, 321, , 57580.1. , , :

  1. , .

  2. , , .

  3. , 1- , . , .

, , ( ) โ€“ , ?

. , , . , , , , . , โ€“ .

, , , - , : , .

โ€“ , .

, , . .

, . 672-. , , . , . :

  1. , .

  2. , .

, ยซ ยป ยซยป. 184- ยซ ยป , , , , .

683-, , . :

  1. , .

  2. , .

  3. , 4 (.4).

. . , โ€“ , . , , , .

, 382-. , , . :

  1. , ( ) .

  2. .

  3. , .

  4. .

  5. , .4.

, , . , . , , ยซยป, , . 

, , . .

, . , . :

  1. ,

  2. , 2- 57580.

  3. .

  4. .4.

, โ„– 321, โ„– 4- .

. : , , . :

  1. , - .

  2. , .

  3. , , . , 5 , .

  4. . , .

, โ€“ , , .

, . , , , , . , , . โ„– 239, :

  1. .

  2. . , .

  3. . , , , .

, , .

, . , , ( ), , . , . , , , โ€“ , .

, . , , [] . ยซ ยป :

  1. , , .

  2. , .

  3. .

, , .

, , , โ€“ - , - . โ€“ , , .

, . , . , .

, : , , .

, , , . , , . .

, .

, , .

!

, 




All Articles