Kaspersky Lab users in Europe recently have begun getting the malicious and suspicious files shared by them processed in data centers in Zurich. The move to relocate these data processing activities by Kaspersky is part of the relocation commitment made by the company in late 2017 under its Global Transparency Initiative.
The relocation of data processing is part of a major infrastructure move designed to increase the resilience of the company’s IT infrastructure to risks of data breaches and supply-chain attacks, and to further prove the trustworthiness of its products, services and internal processes.
From November 13, threat-related data coming from European users will start to be processed in two datacenters. These provide world-class facilities in compliance with industry standards to ensure the highest levels of security.
The data, which users have actively chosen to share with Kaspersky Lab, includes suspicious or previously unknown malicious files and corresponding meta-data that the company’s products send to Kaspersky Security Network (KSN) for automated malware analysis.
Files comprise only part of the data processed by Kaspersky Lab technologies, yet the most important one. Protection of customers’ data, together with the safety and integrity of infrastructure is a top priority for Kaspersky Lab, and that is why the file processing relocation comes first and is expected to be fully accomplished by the end of 2019. The relocation of other types of data processed by Kaspersky Lab products, consisting of several kinds of anonymized threat and usage statistics, is planned to be conducted during later phases of the Global Transparency Initiative.
Today also marks the opening of Kaspersky Lab’s first Transparency Center in Zurich, enabling authorized partners to access reviews of the company’s code, software updates and threat detection rules, along with other activities. Through the Transparency Center, Kaspersky Lab will provide governments and partners with information on its products and their security, including essential and important technical documentation, for external evaluation in a secure environment.
These two major developments will be followed by the relocation of data processing for other regions and, in phase two, the move to Zurich of software assembly.
According to independent rankings, Switzerland is among the world’s top locations in terms of the number of secure internet servers available, and it has an international reputation as an innovative center for data processing and high quality IT infrastructure. Being in the heart of Europe and, at the same time, a non-EU member, it has established its own data privacy regulation that is guaranteed by the state’s constitution and federal laws. In addition, there are strict regulations on processing data requests received from authorities.
“Through the new Transparency Center also in Switzerland, trusted partners and governments will be able to see external reviews of our products and make up their own minds. We believe that steps such as these are just the beginning – for the company and for the security industry as a whole. The need to prove trustworthiness will soon become an industry standard,” said Eugene Kaspersky, CEO Kaspersky Lab
About the Kaspersky Global Transparency Initiative
Kaspersky Lab’s Global Transparency Initiative was announced in October 2017 and continues to make good progress. In addition to the Transparency Center opening and the IT infrastructure relocation, a number of other actions are being undertaken.
In particular, Kaspersky Lab has engaged one of the Big Four professional services firms to conduct an audit of the company’s engineering practices around the creation and distribution of threat detection rule databases, with the goal of independently confirming their accordance with the highest industry security practices.
The assessment will be done under the SSAE 18 standard (Statement of Standards for Attestation Engagements). The scope of the assessment includes regular automatic updates of antivirus records, created and distributed by Kaspersky Lab for its products operating on Windows and Unix Servers. The company is planning the assessment under SSAE 18 with the issue of the SOC 2 (The Service and Organization Controls) report for Q2 2019.
Additionally, Kaspersky Lab continues to improve the security of its products with the help of a community of security enthusiasts from all over the world. Within one year, Kaspersky Lab resolved more than 50 bugs reported by security researchers, of which several were acknowledged to be especially valuable.