Sber Legal, a subsidiary of Sber’s ecosystem, has completed the deployment of cybersecurity solutions from Russian firm Indid to protect access to its core IT systems. The implementation focuses on privileged access management (PAM) and secure authentication, addressing growing threats in the financial and legal sectors1. This move aligns with broader trends in Russia’s cybersecurity market, which grew 25% year-over-year in 2023, reaching 265 billion RUB2.
Implementation Details
The integration of Indid’s solutions at Sber Legal targets privileged account security, a critical attack vector for financial institutions. Indid’s PAM tools enforce granular access controls, session monitoring, and credential vaulting for administrative accounts. The company, ranked #54 in Russia’s cybersecurity market with 840M RUB revenue (+36.4% YoY), specializes in access governance for regulated industries2.
Technical specifications include:
- Role-based access control (RBAC) tied to Active Directory/LDAP
- Just-in-time privilege elevation with approval workflows
- Session recording for all privileged activities
Russian Cybersecurity Context
The project reflects Russia’s push for import substitution in cybersecurity, with domestic firms like Kaspersky (47.7B RUB revenue) leading the market2. Regulatory pressures following high-profile attacks on financial institutions have accelerated PAM adoption. Indid’s growth outpaced the market average at 36.4%, indicating strong demand for access management solutions.
| Rank | Company | Revenue (B RUB) |
|---|---|---|
| 1 | Kaspersky | 47.7 |
| 2 | Gazinformservis | 36.0 |
| 3 | Softline | 34.2 |
| 54 | Indid | 0.84 |
Security Implications
For security teams, the implementation demonstrates practical PAM deployment in a high-risk environment. Sber Legal’s approach includes:
“Multi-factor authentication for all privileged sessions and automated rotation of service account credentials”1
Remediation guidance for similar organizations includes auditing privileged accounts weekly and implementing session timeouts after 15 minutes of inactivity. The solution’s architecture reportedly withstands credential stuffing and pass-the-hash attacks common in financial sector breaches.
Conclusion
Sber Legal’s adoption of Indid’s PAM solutions reflects strategic cybersecurity investment in Russia’s financial-legal sector. The project highlights growing prioritization of access governance amid regulatory scrutiny and sophisticated threats targeting privileged credentials.
References
- “Индид” защищает доступ к ключевым ИТ-системам ООО «Сбер Лигал». CNews. 2025.
- Крупнейшие ИБ-компании в России. TAdviser. 2023.
