OREANDA-NEWS. October 26, 2012. According to an IDC study, CROC ranks number two in the IT security market in Russia with a 6% market share in 2011. Key to the company's success was a portfolio of new security solutions which address key customers' security needs.

In 2011, CROC's information security business grew by 51%. For the last couple of years, CROC has witnessed a trend whereby the information security approach within large companies has become more systemic and comprehensive. As a result, both tasks and projects have increased in scale, with CROC employees developing their professional qualifications and achieving new specializations and competences accordingly. For instance, CROC implemented its first GRC (Governance, Risk Management and Compliance) solution for a large state-owned corporation. The system can analyze network infrastructure security risks, check the network against approved security policies, and control changes in network device configurations. The differentiating feature of CROC's solution is that it can detect a potential attack vector on network resources via device configuration and vulnerability analysis.

"Our line of business is developing intensively and I expect it to grow by at least 25% in 2012. There is increased demand for protection against both internal threats (such as Data Loss Prevention technology) and external threats. Traditionally, financial and insurance companies take the lead in initiating such projects. For instance, we implemented an event monitoring system for a major bank and a client authentication center for another bank," says Mikhail Bashlykov, Head of Information Security, CROC.

Comprehensive information security projects were also important for the systems integrator. For instance, CROC created a Data Loss Prevention (DLP) system for a transportation company. Also, within a major manufacturing company, CROC first created an Information Rights Management (IRM) system and then a DLP solution which was then integrated with the IRM. The ability to regulate user access to documents combined with control of the most likely data leakage channels can significantly reduce the risk of deliberate or accidental data loss. Such integration helps avoid situations where employees who have the right to access information can send it to non-authorized users by mistake.

In addition, CROC supports the trend towards authentication centers and in 2011 such a project was deployed for a Russian bank. Jointly with a client profiling system, the authentication center can help reduce the possibility of the theft of money from client bank accounts, with confirmations only being required for non-typical client operations and in a convenient fashion.

About CROC

CROC is a leader in IT infrastructure design and implementation and the number one systems integration service provider in Russia (IDC reports, 2002-2012). CROC is one of the five largest IT companies in Russia (RIA Analytics 2012, Expert Rating Agency 2011) and one of Russia’s Top 200 Private Companies (Forbes 2012).