Order of the Federal Service for Technical and Export Control dated April 11, 2025, No. 117 "On Approval of the Requirements for Protecting Information Contained in State Information Systems and Other Information Systems of State Bodies, State Unitary Enterprises, and State Institutions" (Registered with the Ministry of Justice of the Russian Federation on June 16, 2025, No. 82619)
The requirements are applied to ensure the protection (by non-cryptographic methods) of information, to prevent unauthorized access to information, and to prevent special effects on information (information carriers) in order to extract, destroy, distort, or block access to information contained in information systems operating on the territory of the Russian Federation.

The order of the Federal Service for Technical and Export Control dated February 11, 2013, No. 17, which approved similar requirements, is recognized as invalid, with the amendments made to it.

It is provided that certificates of compliance for state information systems and other information systems issued before the date of entry into force of this item

• The use of weak user passwords, which creates threats of brute force attacks and account compromise. The absence of mandatory authentication for accessing databases (which creates threats of unauthorized access and information leakage). The Windows operating system uses the outdated SMBv1 protocol, which creates threats of unauthorized access attacks. Windows also uses the outdated NTLMv1 protocol, which creates threats of unauthorized access attacks. The presence of a "Guest" account in the local "Administrators" group: creates a threat of unauthorized access with elevated privileges. Storing credentials in plain text: creates a threat of authentication data leakage. The presence of open, unused ports: creates a threat of their use by attackers. Activated automatic user login to the server

Stages of development February 14, 1956 - The USSR Minister of Railways B.P. Beshchev signed an order on the establishment of the Design Bureau of the Main Directorate of Signalling and Communications (KB TsSh). The Institute was engaged in the creation of new devices of railway automation, telemechanics, as well as developments in the field of information technology. In 1987, on the basis of the KB TsSh and the divisions of the All-Union Research Institute of Railway Transport (VNIIGT), the Research Institute of Railway Automation (NIIZHA) was created. In 2000, the Research Institute of Railway Engineering was transformed into the Russian Research and Design Institute of Informatization, Automation, and Communications in Railway Transport (VNIIS of the Russian Ministry of Railways). In 2007, the VNIIS of the Russian Ministry of Railways was transformed into the Research and Design Institute of Informatization, Automation, and Communications in Railway Transport (NIIS OJSC).