All Government Systems to Be Secured with Cryptography
Russia’s Ministry of Digital Development will require all IT system developers for federal and municipal agencies to use cryptographic tools for information protection.
The ministry has drafted an order tightening information security requirements for all auxiliary systems of government bodies. Previously, these rules applied only to systems with the status of GIS (state information systems). Now, unified regulations will cover electronic document management systems, HR and financial applications, regional registries, and other departmental IT services.
According to the ministry, the goal is to expand the list of information systems required to comply with the federal law “On Information, Information Technologies, and Information Protection.” As of June 1, 2026, these rules apply only to developers of systems with GIS status.
The new standards take effect on September 1, 2026, and will primarily affect providers supplying computing power—commercial data centers (DCs). DC owners will be required to ensure data integrity and confidentiality at the IT infrastructure level. The draft order’s summary lists 478 companies subject to the new requirements.
It is noted that most hosting providers already meet existing requirements and have the necessary infrastructure. The industry’s actual costs are expected to increase only slightly. The changes were preliminarily discussed with market participants and received business support.
