CFT-Bank has passed the certification of conformity with information security requirements of the FSTEC of Russia

Center of Financial Technologies has completed the project of certification of CFT-Bank (Platform 1) for conformity with information security requirements of the FSTEC* of Russia. Certification tests were carried out by RNT CJSC testing laboratory. The technical statement and expert opinion were issued by the accredited certification authorities “Information Security Center” LLC.
 
Based on the results of certification tests of CFT-Bank (Platform 1) banking information complex, FSTEC of Russia issued Certificate of Conformity No. 2809 in the system for certification of information security products, stating that CFT-Bank with built-in protection** from unauthorized access to information can be used for creation of automated systems up to 1G (1Г) protection class inclusive.
 
“Specifics of the work of modern credit organizations include presence of a database with personal information, big blocks of electronic documents, and financial documentation. The consequences of unauthorized access to such information can be very serious for the bank and cause not only financial but also reputation risks,” comments Andrey Visyaschev, Chairman of the Board of CFT Group. “That is why Center of Financial Technologies always takes very seriously the issue of information security of operation of CFT solutions at partner banks. We are glad to receive the certificate confirming high reliability of CFT information complexes.”
  

* Federal Service for Technology and Export Control (FSTEC of Russia) is Russia’s federal executive authority that implements governmental policy, manages interdepartmental coordination and interaction, discharges special and control functions in respect of national security.
(www.fstec.ru)
** Certified basic security functions in CFT-Bank (Platform 1) software complex:
- identification and verification of access subjects during logging in the System;
- control of access to objects and CWS in accordance with the access matrix;
- registration of events referring to the System security.