Kaspersky Endpoint Security Cloud is designed for administration of security applications that have been connected to the software solution, in accordance with the list of supported applications and in the framework of the functionality described in Help.
To use Kaspersky Endpoint Security Cloud, you must create an account on the website of the Right Owner (Kaspersky) at cloud.kaspersky.com and connect the security software installed on the devices owned by your users. By using the software solution, you agree that said software solution may receive data from devices that have security applications installed. The software solution also may store, process, and display information that is intended for ensuring the software solution's functionality.
An account that you must have to configure Kaspersky Endpoint Security Cloud by, for example, adding and removing user accounts, and configuring security profiles (security policies). This account lets you use the My Kaspersky service. You create this account when you start using Kaspersky Endpoint Security Cloud.
By creating an account and connecting administered security software to the software solution, you confirm that you are the sole owner of any data you provide or that you are entitled to provide any data.
For the purpose of device identification and management, Kaspersky Endpoint Security Cloud may receive, store, and process the following types of data:
For iOS devices—Data transmitted by means of Apple iOS MDM:
Technical parameters of the device and its components required for its identification: Device name, model, device operating system, operating system build number, device model number, IMEI, UDID, MEID, serial number, memory size, modem firmware version, Bluetooth MAC address, Wi-Fi MAC address, and SIM card details (ICCID that is part of the SIM card ID).
Details of the mobile network used by the device: Mobile network type, name of the currently used mobile network, name of the home mobile network, version of the operator settings, operation status of voice roaming and data roaming, country code of the home network, code of the country in which the device is currently located, code of the currently used network, and encryption level.
Device security settings: Presence of a password and configuration compliance with the parameters, list of configuration profiles, and list of profiles used for installation of third-party applications.
Date of the latest synchronization with the workspace and device management status.
An instance of Kaspersky Endpoint Security Cloud created for a specific company. When you create a workspace, Kaspersky creates and configures the infrastructure behind this workspace. You use Kaspersky Endpoint Security Cloud Management Console to manage your workspace and the security applications installed on the devices of the company.
Data for devices running Kaspersky Endpoint Security for Android:
Technical parameters of the device and its components required for its identification: Device name, model, device operating system, IMEI, and phone number.
Other technical parameters of the device and its components, such as device management status, SMS support, SMS sending permission, GCM support, support of user commands, operating system folder, and device name (if any).
Information about the Kaspersky application installed on the device:
Application name and version
Application installation date
Current status
Date and time of last update
List of installed updates
Date and time of database release
Number of records in the database
Tags and comments added by the administrator (if applicable)
Backup copies of encryption keys for the app container feature
One-time passwords for unlocking a device (if applicable)
Information about application settings
Information about device activity: Location of the device (the result of the Locate command), time of the last synchronization, time of the last workspace connection, and synchronization support details.
Events related to tasks of application components, changes in the operation status of the application or device, and modification of the application settings on the device.
Data for devices running Kaspersky Endpoint Security for Windows:
Technical parameters of the device and its components required for its identification: Device name and description, domain, Windows device name, domain name and IP address, operating system, manufacturer, operating system folder, information about whether the device is a virtual machine, and hypervisor type (if applicable).
Full name of the Windows device that is displayed in the computer properties window.
Other technical parameters of the device and its components: Windows Update Agent status and the operating system bit rate.
Information about device activity: Date and time of the last update and last visible time, Waiting for Reboot status, time the device was turned on, and Computer Visible on the Network tag.
Settings of the Kaspersky application installed on the device:
Application status
Information about whether or not there is a constant connection with the workspace
Real-time protection status
Date and time of the last scan of the device
Number of malicious objects found
Number of objects that cannot be disinfected
Tasks for managed applications
Availability and operating status of software components
The version of the anti-virus databases
Information about the settings of the Kaspersky application
Details of the accounts of device users and their sessions.
Events related to changes in the status of the managed application component on the device, and related to the performance of application component tasks.
Data for devices running Kaspersky Endpoint Security for Mac:
Technical parameters of the device and its components required for its identification: Device name and description, domain name and IP address, operating system, and operating system developer.
Information about device activity: Date and time of the last update and last visible time, Waiting for Reboot status, time the device was turned on, and Computer Visible on the Network tag.
Settings of the Kaspersky application installed on the device:
Status and version of the application
Information about whether or not there is a constant connection with the workspace
Real-time protection status
Date and time of the last scan of the device
Number of malicious objects found
Number of incurable objects
Tasks for managed applications
Availability and operating status of software components
The version of the anti-virus databases
Information about the settings of the Kaspersky application
Events related to changes in the status of the managed application component on the device, and related to the performance of application component tasks.
Details of the device owner: User alias in the workspace, email address, and list of self-signed certificates for identification of devices belonging to that owner. All of the above-listed data are stored in the infrastructure of Kaspersky Endpoint Security Cloud. Kaspersky specialists regularly create backup copies of this data.
All received data are used by the workspace administrator. Kaspersky Technical Support specialists may also use the above-listed data when the workspace administrator contacts Technical Support.
For the purpose of improving the software solution, the following data may be used:
Data about a workspace: Workspace ID, creation date, country, state (only for the United States or Canada); number of devices in the company that was specified during registration; identifier and region of Virtual Administration Server
Number of devices with the security software installed that are connected to the workspace, distribution of the connected devices by type
Number of users in the workspace, number of user groups in the workspace, number of users with administrator rights
Date of the last authentication of the administrator in the workspace
Information about the utilized license: License type (commercial, subscription, trial), license restriction on the number of devices, number of connected devices, expiration date of the previously used license, date of the license term start, order number for the license in the order management system; name of the partner company that sold the license; software to which the license applies
Names and versions of security applications connected to the workspace
Whether an administrator signed in to the workspace but did not perform any management or configuration actions during the connection session
For the purpose of monitoring adherence by license limit, the following data may be used:
Data about a workspace: Workspace ID and name of the company that uses the workspace
Information about the utilized license: Number of desktops, laptops, and file servers; and number of Android and iOS mobile devices that are connected to the workspace
This data is transferred to the Kaspersky Partner Portal located at https://partners.kaspersky.com/. This data is accessible only to the partner company from which you purchased a license and that ordered the license from Kaspersky through the Partner Portal.
Data and backup copies are removed from the software solution infrastructure based on the following rules:
If the software solution has been used under a trial license, the workspace data is automatically deleted one month after the trial license expires.
If the software solution has been used under a commercial license or a subscription, the workspace data is automatically deleted three months after the license or subscription expires.
Backup copies of data are stored no longer than three months after they are created.
Kaspersky can delete workspace data following a request from a company. In this case, data is deleted following a request sent to Kaspersky Technical Support. All information in backup copies is automatically deleted when those backup copies are deleted.
The user can manually delete the associated account with all its related information on Kaspersky Business Hub, or by using the My Kaspersky service.