May 14, 2015

Cloud Security explained: 1 technical term, 0 complicated charts

News Products

While the cloud-based security approach is not a novelty, it’s been getting a lot of attention lately — most likely because everything today is “in the cloud.” In this day and age, your smartphone’s contacts, photos, e-mails, music, purchased movies and books are largely stored “somewhere else,” not on your computer or mobile device.

How Kaspersky Security Networks works

We often get questions like “How does it work?” “Is my personal information safe?” and “Why don’t you only use cloud security, if it’s so good?” Here we will try to answer some of the most popular questions. To keep things simple, we tried to avoid all technical terms except one — the very “cloud security” itself.

What’s up with the cloud?

“Clouds” store or process data someplace else, making access to information convenient, and connecting people for a mutual benefit. What is “cloud security” then? Our personal implementation of the cloud security model is called Kaspersky Security Network. And here we’ll explain how it actually works.

Let’s say, for example, you have Kaspersky Internet Security installed on your PC or Mac to routinely check your device for infection. Besides occasional updates, this “traditional” security technology does most of its job offline and requires approximately an hour to respond to a new threat.

In a modern world, however, an hour can be too long. What if you’re opening a file or loading a web page that seems suspicious, but your traditional security program can’t immediately deem the content malicious? That’s where Kaspersky Security Network kicks in.

Using this cloud security network, you can ask other users if they’ve come across a similar file or webpage lately. Was it suspicious as well? You can also ask our security experts (these guys are working 24/7 in different countries) what they think. Based on these conversations, the cloud security network gives you advice: “Hey, this file or web page is way too suspicious, you’d better not open it.”

The core idea of cloud security systems

Of course, you don’t have to ask all of these questions personally — that would be way too complicated. Our security solutions do this work automatically. Understanding the technical process is a bit more complex, but at least you now understand the core idea of how Kaspersky Security Network works.

In short, for some cyber threats, Kaspersky Security Network can reduce response time (i.e. the time between when a cybercriminal starts an attack and when the attack is blocked) from hours to minutes!

OK, sounds cool. Why don’t security companies only use cloud technology?

Without other traditional technologies, like Kaspersky Internet Security, Kaspersky Security Network would not be efficient. Our security solution is like a private detective assigned to your computer. Without network access, our program is capable of detecting a large percentage of attacks using its expertise and tools.

Cloud security helps to bring this percentage even closer to one hundred, and it works faster. However, sending all of your data to the cloud, instead of consulting about a few suspicious objects, could consume your data plan and take too much time to process — we don’t want that.

Is my personal data safe? Do you process it?

Yes, it is completely safe. In keeping with the terms of the law, Kaspersky Security Network doesn’t process any personal data. Our goal isn’t to obtain and store your photos, documents, or emails — we don’t even look at the files themselves. Instead, we look for suspicious file behavior, analyze how bad guys are conducting their attacks, and implement ways to block them.

In fact, Kaspersky Security Network is designed to process as little information as possible, and for good reason: we want to make data transmission really fast and secure (i.e. encrypted). To do this, we focus only on the data necessary to complete the main goal of detecting new threats. Transmitting, encrypting, storing, and decrypting any other data would be a waste of resources.

Generally, we use Kaspersky Security Network on a larger scale. Like, for example, to identify the most widespread threats in a particular country to better protect our clients in that country. We don’t track single users.

Can I opt out of Kaspersky Security Network? And will my computer be vulnerable if so?

Yes, you can disable (and enable) Kaspersky Security Network at any time. When you opt out, our product stops sending data from your device to the cloud system. This won’t decrease your own level of protection; you will still get the latest updates in any case.

However, cloud security works a bit like mass vaccination — the behavior of computer malware is very similar to that of biological viruses, especially the ability to polymorph. When a few people avoid vaccination, it doesn’t affect public health, just like a few people disabling Kaspersky Security Network won’t affect public security.

But when the majority doesn’t get vaccinated, or the majority doesn’t utilize cloud security, everyone becomes vulnerable. Thus, participating in Kaspersky Security Network is not only personally beneficial, but it also helps to make the cyber world a better and safer place. Ultimately, whether or not you take part in this effort is up to you.