General information about the certified cloud

General information about the certified cloud

Attested cloud — IT infrastructure based on the Servercore cloud platform resources which is housed in certified segment a and is designed to accommodate information systems with increased data protection requirements.

Meets the requirements of the regulatory documents:

• Order of the FSTEC of Russia No. 17 dated February 11, 2013;
• Order of the FSTEC of Russia No. 21 dated February 18, 2013;
• Special Requirements and Recommendations for Technical Protection of Confidential Information (STR-K, Order of the State Technical Commission of 30.08.2002 No. 282).

The requirements of the regulatory documents are fulfilled taking into account the distribution of areas of responsibility.

The attested cloud is suitable for deployment:

• state information systems (GIS) up to and including the first security class (K1);
• personal data information systems (PDIS) up to and including the first level of security (UZ-1);
• state information systems with security class L1 inclusive;
• automated systems of security class 1G.

In a certified cloud, you share physical server resources with other clients. To organize an infrastructure that is isolated from other clients, use Certified data center segment or private pool segment.

To see the availability of products in the certified cloud, go to accessibility matrices.

You can configure network connectivity between the infrastructure in the attested segment and other products using Global router.

If you host your infrastructure in a certified cloud, you can connect additional information security services:

• server security software;
• virtual firewalls;
• DDoS protection;
• vulnerability analysis.

The product supports user types and roles, projects и project limits and quotas.

Configuring and administering the certified cloud is your responsibility. If you need help with infrastructure administration, order a service administration service.

Servercore's information protection requirements⁠

Servercore is regularly reviewed by independent auditors to ensure compliance with all data protection requirements.

	Information protection requirement	Confirmation of Servercore compliance with the requirement
Processes personal data up to KM-1	FSTEC Order No. 21	Cloud platform certification
Is a state information system up to K1	FSTEC Order No. 17	Cloud platform certification
Process payment card data	PCI DSS	PCI DSS
Process personal data of EU citizens or people in the EU	GDPR	DPA and SCC can be issued
Used for handling confidential information and trade secrets	ISO 27001, ISO 27017, ISO 27018	ISO/IEC 27001:2022 Certificate ISO/IEC 27017:2015 Certificate ISO/IEC 27018:2019 Certificate
Complies with the requirements of the Central Bank of Russia	GOST R 57580	Conclusion for certified segments

Areas of responsibility⁠

Servercore is responsible for physical infrastructure security, hardware platform security, network infrastructure security, and virtualization platform security.

Servercore is not responsible for the operation of system and application software of virtual servers, administration and security related to logical access to the information system.

Cost⁠

Depending on the type of balances in the account, the following is used for payment single balance or cloud platform balance. Before ordering a service top up.

Resources in the certified cloud are charged at cloud platform payment models.

Prices for resources and external traffic can be viewed at servercore.com. You can calculate the cost of the certified cloud in resource calculator.