LUKOIL-INFORM Improves Security of its IT Infrastructure with the Help of Informzaschita

Experts from Informzaschita defined technical requirements to improve the information security level for LUKOIL-INFORM in order to automate a greater part of IT and IS objectives relating to in-house infrastructure security audits. Employees from the IT and IS departments obtained ready-made audit and setting tools for different platforms developed on the basis of the assessment of business-related risks and in compliance with the best global practices.

In addition to developments relating to new security requirements, the change and vulnerability management as well as security analysis procedures were substantially improved. Based on the tailored tool to control compliance with the established requirements, IT and IS departments can now interact on the basis of strictly defined regulations complying with the Company’s strategic business objectives. Standards were developed for systems such as SAP, Oracle, Linux, Windows 2012 Server, Active Directory and many others. Requirements for the local access network architecture, routing protocols and Cisco equipment were revised as well.

Denis Khalilov, head of the Informzaschita’s Consulting Department, comments on the project results: “We developed a set of requirements and substantiated the need in them in a short span of time. At the same time, we defined all potential risks of non-compliance and their effect on the company business in general. From now on, IT and IS experts do not have to browse for information concerning settings of different systems: special software will do this automatically, and any required measures are available in the documents developed for this purpose.”