Answer the question
In order to leave comments, you need to log in
Is a Linux server possible with the first category of personal data?
Good afternoon. In connection with Federal Law 419, fbmse.ru/ispolnenie-419-fz, some state institutions should, for the purpose of automation, exchange electronically applications and statistics with the FBMSE regarding work with people with disabilities. To do this, a postgres server is raised under Windows, and filled with KKM tools (Who How Can), and then the data is transmitted through a secure VipNet network. the data contains personal information of category 1, that is, the most important personal data. I did not find clear requirements regarding the specifics of storage and dissemination of such information. In connection with this question. Is it possible to buy a dedicated linux server, set up a postgres database on it, and set up a small NodeJS web service to fill this whole thing (on a non-standard port with limited access to certain IPs). Will such an approach pass at the federal level, is attestation or certification of the FSTEC necessary?
https://habrahabr.ru/post/107576/ judging by the article, certification is needed, it is not clear how they will carry it out in the cloud. If the OS is not in the register of licensed FSTEC software, can it be used, or is it necessary to use only what is in this register?
Answer the question
In order to leave comments, you need to log in
Personal data protection and clouds/vds are incompatible. I'm just wondering how you will install the Sobol PAK in the cloud / on the VDS, which is a mandatory hardware component.
Requirements_to_1_ISPD_class .
Protection of ISPD K1. Terminal solution
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question