Services

Certification of the information security system

The service «Certification of the information security system» allows the owners of information systems intended for processing information distribution and (or) the provision of which is limited, not classified as state secrets, to certify their information system for compliance with the requirements for such information systems in accordance with the order of Operative and Analytical Center under the President of the Republic of Belarus dated February 20, 2020 No. 66 «On measures to implement the Decree of the President of the Republic of Belarus dated December 9, 2019 No. 449»).

Information, the distribution and (or) provision of which is limited, but which is not state secrets, includes:

information about the private life of an individual and personal data;
service information of limited distribution;
information constituting commercial, professional, banking and other legally protected secrets;
information contained in cases of administrative offenses, materials and criminal cases of the criminal prosecution authorities and the court until the completion of the proceedings;
other information, access to which is limited by legislative acts.

The presence of a certificate of conformity is a prerequisite for the processing of information, the distribution and (or) provision of which is limited, not classified as state secrets.

Certification is carried out in the following cases:

creation of an information security system;
expiration of the certificate of conformity;
change in technology for processing protected information;
changing the technical measures implemented when creating the information security system.

As part of the «Information Security System Attestation» service, we offer a full range of measures for the technical and cryptographic protection of information to be processed in the information system:

designing an information security system;
creation of an information security system;
certification of the information security system;

The service delivery process is divided into several stages:

Designing an information security system of an information system.
Creation of information security system information system.
Implementation by the Client of measures to bring information security systems in line with the requirements of the legislation of the Republic of Belarus.
Certification of the information security system of the client's information system.

More detailed information about each stage is presented in the calendar plan.

The certificate of conformity is issued for a period of 5 years, subject to positive results of the certification of the information security system.

The service «Certification of the information security system» is a service of the Republican Platform belonging to the category «infrastructure services» and is provided exclusively for information systems hosted on the Republican Platform.

To determine the possibility of providing a service, you must fill out a questionnaire and send it through the feedback form «Contact Us» or to the email address sales@becloud.by.

In addition to the «Information Security System Attestation» service, we offer our Clients, within the framework of the «Pentest» service, checking information systems for vulnerabilities. Based on the results of the vulnerability analysis, we provide Clients with:

a list of identified vulnerabilities with an assessment of their criticality;
the results of attacks and exploitation of vulnerabilities with a demonstration of examples of their implementation;
a list of recommendations for eliminating detected vulnerabilities;
information about the result of scanning an information system using an automated security control tool (vulnerability scanning);
recommendations on the classification of information stored and processed in the information system, in accordance with the law;
recommendations for classifying an information system as a class of typical information systems;
recommendations for determining the requirements for the information security system aimed at ensuring the confidentiality, integrity, authenticity, availability and safety of information.

The «Pentest» service can be used by clients whose web resources are hosted on the resources of the Republican platform.

Tariffs

№	Name	Price (tariff) without VAT, BYN	Price (tariff) with VAT, BYN
1. Information security system certification
1.1.	Certification «System»	25 000	30 000
1.2.	Certification «Спринт»	5 000	6 000
2. Penetration Testing (Pentest)*
2.1	number of URLs in one domain (less than 10)	15 000	18 000
2.2	number of URLs in one domain (more than 10)	30 000	36 000

Documents

For more information, please contact beCloud sales department:
+375 17 287 11 11;
+375 17 287 11 49;
sales@becloud.by.