An example of drawing up a classification of information systems for personal data. The procedure for the classification of personal data information systems

conscript November 9, 2010 at 12:31 PM

Personal data (Classification ISPDN)

A lot has been written about the classification of personal data information systems: whole articles, websites and forums are devoted to this burning topic. Let's start with the fact that, in accordance with FSTEC/FSB/MITiS Order No. 55/86/20, there are typical and special ISPDNs. Typical ISPDNs are those in which only the confidentiality of personal data has to be ensured; special ones are those in which at least one security characteristic of personal data other than confidentiality (integrity, authenticity, availability, etc.) has to be ensured.
The Order bases the classification of an ISPDN on an assessment of the possible damage to the PD subjects whose data is processed in it: the higher the possible damage, the higher the class and, accordingly, the higher the requirements for technical protection. Clause 14 of the Order speaks of 4 classes:
- no negative consequences (class 4)
- insignificant negative consequences (class 3)
- negative consequences (class 2)
- significant negative consequences (class 1).
The assignment of one or another class of ISPDn, according to the same paragraph, is carried out according to the results of the analysis of the initial data.
We have already talked about the classification of typical ISPDs here, so let's go straight to the special ones.

How to classify a special ISPD?
If your ISPD contains personal data concerning race, nationality, political views, religious and philosophical convictions, health status or intimate life, then everything is simple: your system class is K1. And it doesn't matter whether these are 10 records or 100,000. Then you either protect the system according to K1 in accordance with the requirements of FSTEC Order No. 58, or lower the class, for example, by depersonalizing such data.
Now let's imagine a certain ISPD that we need to classify. Let it be a big company that provides services to its Clients.
Initial data of our system:
1. Amount of personal data - more than 100,000.
2. Personal data category - 2 (that is, personal data that makes it possible to identify the subject of personal data and obtain additional information about him).
3. Structure of the information system - distributed.
4. Connections of the information system to public communication networks and/or networks of international information exchange - present.
5. Personal data processing mode - multi-user.
6. Mode of differentiation of access rights for users of the information system - with differentiation of access rights.
7. Location of the technical means of the information system - within the Russian Federation.

But we cannot classify such a system according to the table from Order No. 55/86/20, because "Based on the results of the analysis of the initial data, a typical information system is assigned one of the following classes." We are not upset; we read the Order further and see the following clause:
16. Based on the results of the analysis of the initial data, the class of the special information system is determined on the basis of the model of threats to the security of personal data in accordance with the methodological documents developed in accordance with paragraph 2 of the Decree of the Government of the Russian Federation of November 17, 2007 N 781 "On approval of the Regulation on ensuring the security of personal data during their processing in personal data information systems".
Therefore, after analyzing the initial data and the composition of the processed PD, and determining the structure of the ISPD and its technological processes, we can reasonably conclude that a violation of the confidentiality of information may lead to negative consequences (for example, the dissemination of information about an employee's disability). The implementation of all other threats will lead to minor negative consequences, because there are sufficient technical protection measures to neutralize them. Having reflected this information in the threat model, we can safely classify a special ISPD with the specified characteristics as K2.

Registration N 11462

In accordance with clause 6 of the Regulation on ensuring the security of personal data during their processing in personal data information systems, approved by the Decree of the Government of the Russian Federation of November 17, 2007 N 781 "On approval of the Regulation on ensuring the security of personal data during their processing in personal data information systems" (Collected Legislation of the Russian Federation, 2007, N 48, Part II, Art. 6001), we order:

To approve the attached Procedure for the classification of personal data information systems.

Director of the Federal Service for Technical and Export Control

S. Grigorov

Director of the Federal Security Service of the Russian Federation

N. Patrushev

Minister of Information Technologies and Communications of the Russian Federation

L. Reiman

The procedure for the classification of personal data information systems

1. This Procedure determines the classification of personal data information systems, which are a collection of personal data contained in databases, as well as information technologies and technical means that allow the processing of such personal data using automation tools (hereinafter referred to as information systems) 1.

2. The classification of information systems is carried out by government bodies, municipal authorities, legal entities and individuals organizing and (or) carrying out the processing of personal data, as well as determining the goals and content of the processing of personal data (hereinafter referred to as the operator) 2.

3. The classification of information systems is carried out at the stage of creating information systems or during their operation (for previously commissioned and (or) modernized information systems) in order to establish the methods and means of information protection necessary to ensure the security of personal data.

4. Carrying out the classification of information systems includes the following stages:

collection and analysis of initial data on the information system;

assignment of an appropriate class to the information system and its documentation.

5. When carrying out the classification of the information system, the following initial data are taken into account:

the volume of processed personal data (the number of personal data subjects whose personal data is processed in the information system) - X npd;

the security characteristics of personal data processed in the information system set by the operator;

information system structure;

availability of connections of the information system to public communication networks and (or) networks of international information exchange;

personal data processing mode;

mode of differentiation of access rights for users of the information system;

the location of the technical means of the information system.

6. The following categories of personal data processed in the information system (X pd) are determined:

7. X npd can take the following values:

1 - the information system simultaneously processes personal data of more than 100,000 personal data subjects or personal data of personal data subjects within a constituent entity of the Russian Federation or the Russian Federation as a whole;

2 - the information system simultaneously processes personal data of from 1000 to 100,000 personal data subjects or personal data of personal data subjects working in a sector of the economy of the Russian Federation, in a state authority, or residing within a municipality;

3 - the information system simultaneously processes data of less than 1000 personal data subjects or personal data of personal data subjects within a specific organization.

8. According to the security characteristics of personal data processed in the information system specified by the operator, information systems are divided into typical and special information systems.

Typical information systems are information systems in which only the confidentiality of personal data is required.

Special information systems are information systems in which, regardless of the need to ensure the confidentiality of personal data, it is required to ensure at least one of the security characteristics of personal data, other than confidentiality (protection from destruction, alteration, blocking, as well as other unauthorized actions).

Special information systems should include:

information systems in which personal data are processed concerning the state of health of subjects of personal data;

information systems that provide for the adoption, solely on the basis of automated processing of personal data, of decisions that give rise to legal consequences for the subject of personal data or otherwise affect his rights and legitimate interests.

9. By structure, information systems are subdivided:

into autonomous (not connected to other information systems) complexes of hardware and software tools intended for the processing of personal data (workstations);

into complexes of automated workstations united into a single information system by means of communication without the use of remote access technology (local information systems);

into complexes of automated workstations and (or) local information systems united into a single information system by means of communication using remote access technology (distributed information systems).

10. According to the availability of connections to public communication networks and (or) networks of international information exchange, information systems are subdivided into systems with connections and systems without connections.

11. According to the mode of processing personal data in the information system, information systems are divided into single-user and multi-user.

12. By differentiation of user access rights, information systems are subdivided into systems without differentiation of access rights and systems with differentiation of access rights.

13. Information systems, depending on the location of their technical means, are subdivided into systems all of whose technical means are located within the Russian Federation, and systems whose technical means are partially or entirely outside the Russian Federation.

14. Based on the results of the analysis of the initial data, a typical information system is assigned one of the following classes:

class 1 (K1) - information systems for which a violation of the specified security characteristics of personal data processed in them can lead to significant negative consequences for subjects of personal data;

class 2 (K2) - information systems for which a violation of the specified security characteristics of personal data processed in them can lead to negative consequences for subjects of personal data;

class 3 (K3) - information systems for which a violation of the specified security characteristics of personal data processed in them can lead to minor negative consequences for subjects of personal data;

class 4 (K4) - information systems for which a violation of the specified security characteristics of personal data processed in them does not lead to negative consequences for the subjects of personal data.

15. The class of a typical information system is determined in accordance with the table.

16. Based on the results of the analysis of the initial data, the class of the special information system is determined on the basis of the model of threats to the security of personal data in accordance with the methodological documents developed in accordance with paragraph 2 of the Decree of the Government of the Russian Federation of November 17, 2007 N 781 "On approval of the Regulation on ensuring the security of personal data during their processing in personal data information systems" 3.

17. If subsystems are distinguished within the information system, each of which is itself an information system, the information system as a whole is assigned the class corresponding to the highest class of the subsystems included in it.

18. The results of the classification of information systems are formalized by the appropriate act of the operator.

19. The class of the information system can be revised:

at the decision of the operator on the basis of his analysis and assessment of threats to the security of personal data, taking into account the features and (or) changes in a specific information system;

based on the results of measures to monitor compliance with the requirements for ensuring the security of personal data during their processing in the information system.

1 Paragraph one of clause 1 of the Regulation on ensuring the security of personal data during their processing in personal data information systems, approved by the decree of the Government of the Russian Federation of November 17, 2007 No. 781 (Collected Legislation of the Russian Federation, 2007, No. 48, part II,

2 Paragraph one of clause 6 of the Regulation.

3 Collected Legislation of the Russian Federation, 2007, N 48, Part II, Art. 6001.

Information systems of personal data (ISPDN) are used in their work by many enterprises and organizations. Let's figure out what it is, and what nuances need to be taken into account by those who work with ISPD.

What is ISPDN?

Simply put, an ISPDN is an information system used to store and process personal data. It consists of the following components:

  • The personal data itself, stored in the system's database.
  • The technical means used to work with this data.
  • Automation tools for accounting and processing information stored in the ISPD (may not be available in all systems).

ISPDN is serious

When using the systems under consideration, it is important to protect personal data from unauthorized access, loss and other emergencies. This is spelled out even at the legislative level. To work out recommended measures for restricting access to the information and protecting it, the ISPD is audited (for more details, please contact Rentacloud specialists: http://rentacloud.su/services/zashchita-personalnykh-dannykh/audit/). Based on its results, an act is drawn up containing the following information:

  • The category of personal data that is stored and processed in the surveyed system.
  • Their class and type (more on that below).
  • Parameters and structure of the investigated system.
  • PD volumes (number of records, etc.) stored and processed in ISPD.
  • Information about the location of the system.
  • Information about the possibility of accessing the database through networks available for public use (LAN, Internet, etc.).

The audit is carried out in strict accordance with a joint document prepared by the Ministry of Communications, FSTEC and FSB. It is quite voluminous and requires thorough study. For this reason, the audit of the system and the preparation of the recommendations on which the protection of the ISPD will be based should be entrusted to specialists. Their services can be used, for example, by contacting Rentacloud (http://rentacloud.su).

Types, classes of ISPDN, and what else you need to know about such systems

Personal data information systems (PD) are divided into 4 classes and 2 types. The division into classes is carried out on the basis of such characteristics as the category of processed PD and their volumes.

Classes

The table will help you deal with this:

Explanations for the table.

Category 4 includes anonymized personal data, from which it is impossible to identify a specific subject (for example, statistical data). Category 3 includes PD on the basis of which only the identification of a person is possible (such data is quite rare). Category 2 includes data on the basis of which it is possible to identify a person and obtain some additional information (for example, payroll systems in organizations and enterprises). Category 1 includes data containing information about nationality, health status and other social information, and information of a different nature (for example, databases of health care institutions).

As for the classes indicated in the table, an ISPDN is assigned to them on the basis of the possible damage to subjects if the security conditions are violated:

  • Class 4. Any negative consequences for the subject are excluded.
  • Class 3. Minor negative consequences may occur.
  • Class 2. Negative consequences may occur.
  • Class 1. Very serious negative consequences are possible.

ISPDN types

The first type includes systems where protecting the ISPD comes down only to achieving the required level of confidentiality. If, in addition to confidentiality, at least one additional security characteristic has to be ensured (authenticity, availability, data integrity, etc.), the system belongs to the second type.

It is worth noting that most of the systems used today are classified as the second type.

It can be seen that developing ISPDs, classifying them and providing reliable, effective protection are very complex and multifaceted processes. To avoid mistakes, it is advisable to entrust this to specialists. For this, you can contact, for example, the Rentacloud company, which occupies one of the leading positions in this market.

The act of classification of an ISPD is, as a rule, a confidential document, and must bear a confidentiality stamp ("Confidential", "DSP", "Commercial secret") and an account number.

To carry out the classification, a commission must be created at the enterprise. The commission must include a person responsible for the protection of personal data. The commission must be appointed by order of the head and carry out its activities on the basis of the Regulation on the classification commission. According to the results of the classification, an act must be drawn up. The ISPD classification act must be approved by the chairman of the commission and signed by all members of the commission.

How to draw up an act of classification of ISPD

The classification act is drawn up for each identified ISPD. Based on the data obtained, the required level of personal data security is determined for each ISPDN. This is necessary in order to establish requirements for ensuring the protection of the personal data information system. The level of protection of personal data is determined in accordance with the Decree of the Government of the Russian Federation dated 01.11.2012 No. 1119 "On approval of requirements for the protection of personal data when processing them in personal data information systems."

The act indicates:

  • personal data processed in the system;
  • the volume of processed personal data;
  • the type of actual threats for the ISPD;
  • information system structure;
  • availability of connections to public communication networks and (or) networks of international information exchange;
  • the mode of processing personal data in the system;
  • differentiation of user access rights;
  • location of ISPDN;
  • PD security level.

The ISPD classification act may include systems that store the following data:

  • special categories of personal data - information related to race, nationality, political views, religious or philosophical beliefs, health status, intimate life of the subjects of personal data;
  • biometric personal data - information that characterizes the physiological and biological characteristics of a person, on the basis of which it is possible to establish his identity and which is used by the operator to establish the identity of the subject of personal data;
  • publicly available personal data - information obtained only from publicly available sources of personal data created in accordance with Article 8 of the Federal Law "On Personal Data".

It is quite rare to find systems in which personal data of the 3rd category are processed. This is because real tasks need not only the data identifying the subject (name, passport data), but also additional information about him (for example, salary information).

The most common information systems are those in which personal data of the 2nd category are processed, for example, payroll systems for employees.

The volume of processed personal data determines the number of subjects whose personal data is processed in the system. The following gradation is applied:

  • more than 100,000 personal data subjects;
  • less than 100,000 personal data subjects.

Types of threats to the security of personal data

Type of actual threats for ISPDN:

  • Type 1 threats are relevant for an information system if, among other things, threats associated with the presence of undocumented (undeclared) capabilities in the system software used in the information system are relevant for it;
  • Type 2 threats are relevant for an information system if, among other things, threats associated with the presence of undocumented (undeclared) capabilities in the application software used in the information system are relevant for it;
  • Type 3 threats are relevant for an information system if threats that are not associated with the presence of undocumented (undeclared) capabilities in the system and application software used in the information system are relevant for it.

By type, the personal data information systems described in the ISPD classification act are divided into typical and special. Typical ISPDs are information systems in which only the confidentiality of PD is required. Special ISPDNs are information systems in which, in addition to confidentiality, at least one more security characteristic of personal data (integrity, availability) has to be ensured.

In addition, special systems include all ISPDs that process data on the health of subjects, and ISPDs that provide for decisions giving rise to legal consequences for the subject to be made on the basis of automated processing.

Most of the existing ISPDN are special. This is due to the fact that, in addition to confidentiality, it is also important that PD are always available for processing, complete and reliable. For all special systems it is necessary to develop a “Particular Model of Actual Threats”.

Classification of personal data information systems by structure:

  • Autonomous. A single automated workstation (computer).
  • Local. Automated workstations (AWS) united in a local network.
  • Distributed. Automated workstations or local area networks connected to each other using remote access technologies.

According to the mode of processing personal data, ISPDs are divided into single-user and multi-user. Single-user systems are rare. As a rule, at least two people work even at a single autonomous workstation (to cover vacations and illnesses).

Multi-user ISPDs are divided into:

  • No differentiation of access rights. In such systems, all users have access to all information.
  • With differentiation of access rights. Each user has access to a strictly defined piece of information in the system.

According to the location, ISPD is divided into.
