Kaspersky has reached a major milestone in its ongoing Global Transparency Initiative (GTI) as it completes the full relocation of its data storage and processing activities from Russia to Switzerland in the culmination of a three year-process.
The cyber security kingpin, which was established in Moscow in 1997, set up its GTI programme in 2017 as it faced down a ban on the use of its software in US government systems, and allegations that malicious actors had used its antivirus software to search for classified material.
It said the programme aimed to “pioneer a new approach for the cyber security industry based on greater transparency and accountability”, engaging the security community and outside stakeholders in validating and verifying the trustworthiness of its products, processes and operations. Among other things, it has released the source code of its software, undertaken third-party assessments and audits, and secured ISO 27001 certification for its data services.
The move of its data processing and storage activities out of Russia and into Swiss jurisdiction adds to other relocations supporting its business in APAC. Going forward, customer threat-related data shared with Kaspersky based in Europe, the US and Canada will now be processed at two datacentres in Zurich – including suspicious or previously unknown malicious files sent by its products to the Kaspersky Security Network for automated analysis.
“Since we announced our Global Transparency Initiative with a number of bold steps, including data processing and storage relocation, Kaspersky has not only reconfirmed its commitment to being a trusted partner, but anticipated expectations from the market and regulators,” said the company’s founder and CEO, Eugene Kaspersky.
“In the three years since the announcement, we have seen the major transformation of approaches and regulations in data security. We see that investment in trust and transparency is gradually becoming an industry standard, and I am proud of our company for being among the transparency pioneers and trailblazers.”
Also, Kaspersky’s customers in the US and Canada can now access a new North American Transparency Centre, which officially opened today in New Brunswick, Canada. It was developed alongside Canada’s CyberNB Association, a sector body that fosters engagement and collaboration between the private sector, government and academia.
The Canadian facility will be its fifth such Transparency Centre, in addition to ones located in Kuala Lumpur, Madrid, São Paulo and Zurich, and will offer Kaspersky’s customers and partners the opportunity to review source code and learn more about its products, and engineering and data processing practices. Currently, this is done remotely because the Covid-19 pandemic is restricting travel and access.
Kaspersky also plans to give customers and partners enhanced access to experience its data security controls and directly access its data management practices for their own examination and review.
Kaspersky said its work with the security community to prioritise transparency and accountability would continue into the future, citing its ongoing support for the Geneva Dialogue on Responsible Behaviour in Cyberspace.
“Our core belief is that through collaborative multi-stakeholder efforts, we are able to enhance confidence and trust in technology,” the company said in a media statement. “We can therefore ensure that the digital future – cyber-secure and cyber-resilient – is not a scary unknown, but a place with endless opportunities for growth and prosperity.”