Whatever protection a cloud has, people still run it. Administrators with an elevated level of access are privileged users; their work must also be monitored and must not exceed their authority. If a problem arises after an administrator's intervention, the standard event logs will not always help to investigate the cause: they hold a lot of unrelated information, a sufficient retention period is not always configured, and the administrator can delete records if he wishes.
To investigate incidents, we use not only end-device logs but also an IT service provider control system (SKDPU). It records all the actions of DataLine engineers from Cloud-152. This cloud is certified against the requirements of FZ-152 and Order No. 17 of the FSTEC of Russia for GIS, certified to the PCI DSS standard, and included in the scope of the ISO/IEC 27001:2013 certificate. So SKDPU also helps to comply with the requirements of laws and standards.
The system is also used when we need to help a client by connecting to the servers in the client's personal data information system (ISPDN). Our administrators' access to S3 and some other systems is also controlled through SKDPU.
In this article I will show which level of cloud protection SKDPU is responsible for and how it can help clients.
Place of SKDPU in Cloud-152
Cloud-152 , :
Cloud-152 : “” , “” :
IaaS , . , .
Windows, Linux
, : 100 , 140 ;
Cloud-152 . . , — .
ELK. : “ ...”, “ …”. Nagios.
Cloud-152, :
Cloud-152 , . - , : IaaS, .
Cloud-152 360 . Veeam . 30 .
. TACACS+ c . , , . - , . , .
. Cloud-152 152-. — . : 1, . . - . “” .
Cloud-152. , . !