Security Cloud

This document describes Security Cloud, an online service from F-Secure Corporation that identifies clean applications and web sites while providing protection against malware and web site exploits.

What is Security Cloud

Security Cloud is an online service which provides rapid response against the latest Internet-based threats.

As a contributor, you allow Security Cloud to collect data that helps us to strengthen your protection against new and emerging threats. Security Cloud collects information on certain unknown, malicious or suspicious applications and unclassified web sites. This information is anonymous and sent to F-Secure Corporation for combined data analysis. We use the analyzed information to improve your protection against the latest threats and malicious files.

How Security Cloud works

Security Cloud collects information on unknown applications and web sites and on malicious applications and exploits on web sites. Security Cloud does not track your web activity or collect information on web sites that have been analyzed already, and it does not collect information on clean applications that are installed on your computer.

If you do not want to contribute this data, Security Cloud does not collect information of installed applications or visited web sites. However, the product needs to query F-Secure servers for the reputation of applications, web sites, messages and other objects. The query is done using a cryptographic checksum where the queried object itself is not sent to F-Secure. We do not track data per user; only the hit counter of the file or web site is increased.

It is not possible to completely stop all network traffic to Security Cloud, as it is integral part of the protection provided by the product.

Security Cloud benefits

With Security Cloud, you will have faster and more accurate protection against the latest threats and you will not receive unnecessary alerts for suspicious applications which are not malicious.

As a contributor to Security Cloud, you can help us to find new and undetected malware and remove possible false positive ratings.

All participants in Security Cloud help each other. When Security Cloud finds a suspicious application, you benefit from the analysis results if the same application has already been found by someone else. Security Cloud improves overall performance, as the installed security product does not need to scan any applications that Security Cloud has already analyzed and found clean. Similarly, information about malicious websites and unsolicited bulk messages is shared through Security Cloud, and we are able to provide you with more accurate protection against web site exploits and spam messages.

The more people that contribute to Security Cloud, the better individual participants are protected.

What data you contribute

As a contributor, you allow Security Cloud to collect information on applications that you have installed and the web sites that you visit so that Security Cloud can provide better protection against the latest malicious applications and suspicious web sites.

Analyzing the file reputation

Security Cloud collects information only on applications that do not have a known reputation and on files that are suspicious or known to be malware.

Only information on application (executable) files is collected, not on any other file types.

Depending on the product, the collected information can include:

  • the file path of the application (excluding any personally identifiable information),
  • the size of the file and when it was created or modified,
  • file attributes and privileges,
  • file signature information,
  • the current version of the file and the company that created it,
  • the file origin or its download URL (excluding any personally identifiable information),
  • F-Secure DeepGuard and anti-virus analysis results of scanned files, and
  • other similar information.

 

Security Cloud never collects any information of your personal documents, unless they have found to be infected. For any type of malicious file, it collects the name of the infection and the disinfection status of the file.

Submitting files for analysis

In some products, you can also submit suspicious applications to Security Cloud for analysis.

You can submit individual suspicious applications manually when the product prompts you to do so, or you can turn on the automatic upload of suspicious applications in the product settings. Security Cloud never uploads your personal documents.

Analyzing the web site reputation

Security Cloud does not track your web activity. It makes sure that visited web sites are safe as you browse the web. When you visit a web site, Security Cloud checks its safety and notifies you if the site is rated as suspicious or harmful.

In order to improve the service and maintain a high rating accuracy, Security Cloud may collect information about visited web sites. Information is collected if the site that you visit contains malicious or suspicious content or a known exploit, or if the content on the site has not yet been rated or categorized. Collected information includes the URL and meta data related to the visit and the web site.

Security Cloud has strict controls to ensure that no private data is sent. The number of collected URLs is limited. Any submitted data is filtered for privacy-related information before it is sent, and all fields that are likely to contain information that may be linked to you in a personally identifiable format are removed. Security Cloud does not rate or analyze web pages in private networks, and it never collects any information on private network addresses or aliases.

Analyzing the system information

Security Cloud collects the name and version of your operating system, information about the Internet connection and the Security Cloud usage statistics (for example, the number of times web site reputation has been queried and the average time for the query to return a result) so that we can monitor and improve the service.

How we protect your privacy

We transfer the information securely and automatically remove any personal information that the data may contain.

The collected information is not processed individually; it is grouped with information from other Security Cloud contributors. All data is analyzed statistically and anonymously, which means that no data will be connected to you in any way.

Any information that might identify you personally is not included in the collected data. Security Cloud does not collect IP addresses or other private information, such as e-mail addresses, user names and passwords. While we make every effort to remove all personally identifiable data, it is possible that some identifying data remains in the collected information. In such cases, we will not seek to use such unintentionally collected data to identify you.

We apply strict security measures and physical, administrative and technical safeguards to protect the collected information when it is transferred, stored and processed. Information is stored in secured locations and on servers that are controlled by us, located either at our offices or at the offices of our subcontractors. Only authorized personnel can access the collected information.

F-Secure may share the collected data with its affiliates, sub-contractors, distributors and partners, but always in a non-identifiable, anonymous format.

Questions about Security Cloud

Contact information for any questions about Security Cloud.

If you have any further questions about Security Cloud, please contact:

F-Secure Corporation
Tammasaarenkatu 7
PL 24
00181 Helsinki
Finland

http://www.f-secure.com/en/web/home_global/support/contact

The latest version of this policy is always available on our web site.