Kaspersky has expanded the scope of its cyberthreat-related data relocation, and since last month, the company has been processing and storing malicious and suspicious files received from users in the Middle East, which used to be processed by facilities in Russia, are now moved to data-centers in Zurich, Switzerland. Swiss data centers provide world-class facilities in compliance with leading industry standards so the company’s users can be confident in the security of their data.
Moreover, Kaspersky has renewed its ISO 27001 certification issued by independent certification body TÜV AUSTRIA, an internationally recognized applicable security standard. In addition to the audit passed in 2020, this time the scope of the certification was even extended and now covers not only the Kaspersky Security Network (KSN) system for the safe storage and access to malicious and suspicious files (called KLDFS), but also KSN systems for processing statistics (called KSNBuffer database).
Conformity with ISO/IEC 27001:2013 – internationally recognized as the best practice industry and applicable security standard – lies at the core of Kaspersky’s approach to implementing and managing information security. The certification – granted by the third-party accredited certification body, TÜV AUSTRIA – demonstrates the company’s commitment to strong information security and its Data Service’s compliance with industry leading practices.
The document can be found in the TÜV AUSTRIA Certificate Directory and is also publicly available on the Kaspersky website here.
The company also publicly shared information on the requests for data and technical expertise received from government and law enforcement agencies as well as from users in H2 2021.
Andrey Efremov, Kaspersky’s Chief Business Development Officer, said “We have relocated the cyberthreat-related data processing and storage from a number of additional countries and territories to facilities in Switzerland – a country renowned for its strict data protection legislation. These steps form just part of our Global Transparency Initiative, which also includes independent assessments of our company’s data service and engineering practice integrity, and the provision of our products’ source code for open review. Together, these measures further underline our commitment to ensuring that the way we treat our user data is as open and transparent as possible, and that we continue to provide our customers and partners with the most reliable and trustworthy solutions and services.”