ISO standards

Our security management system was designed to meet the standards developed by the International Organization of Standardization. That’s why we’re certified for ISO 27001, ISO 27017, and ISO 27018.

ISO 27001/27017/27018

ISO 27001 sets requirements for information security management systems as well as how they are implemented, supported, and continuously upgraded. The ISO 27001 guidelines help guarantee a high level of security for their core information assets.

ISO 27017 is a set of practical recommendations for how cloud providers can deliver information security. These recommendations, specifically for cloud service providers, complement the ISMS implementation requirements set out in ISO 27001.

ISO 27018 focuses on cloud service providers securing the personal data they process. The standard sets out practical information security recommendations for protecting the personal information that clients entrust to the cloud provider. They supplement the requirements of the basic standard, ISO 27001.

ISO 27701

ISO 27701 is an extension of the ISO/IEC 27001 international information security standard, and serves as a guide for the protection of personal information. The document helps companies build a data protection system in accordance with Russian Federal Law 152‑FZ “On Personal Data” and legal requirements in other countries. The standard allows you to check not only the technical capabilities of a data protection platform, but also how the legal principles of data processing are implemented within a company.

The development of this document took the unified European General Data Protection Regulation (GDPR) into account. It confirms that the provider is in compliance with international requirements for personal data protection. The certification checks how the company protects and transfers customer data, whether it uses them legally, and how it manages access and data breaches.

Other certificates and standards

Federal Law 152-FZ

The federal law regulating how personal data is stored and processed.


Standards for secure usage of credit cards from the Payment Card Industry Security Standards Council.

GOST R 57580

The Russian national security standard for banking and financial operations, required for all credit and non-credit financial organizations.

Cloud Security Alliance

An international organization promoting IS best practices for cloud services.


The regulations governing how personal data is collected and processed for individuals in the European Economic Zone.

Register of Russian Software

The unified register of Russian software programs.