About data provision

By accepting the terms of the End User License Agreement and the Privacy Policy, you consent to the automatic processing of personal data for the purposes of supporting the operation of the application. For information about how personal data is obtained, processed, and stored, please read the End User License Agreement and the Privacy Policy.

The application does not send users' personal data to Kaspersky. Users' personal data is processed on the computers on which the application components are installed.

The application processes and saves the following data related to users' personal data:

• Names of user accounts that were created in the operating system of the Server computer and added to the kics4net group (users that work with the Application Console).
• Names of user accounts that were created in the application (application users).
• IP addresses or names of computers with application components installed.
• IP addresses, MAC addresses or names of industrial network devices.
• Device information received by the application during traffic analysis using rules for discovering information about devices and communication protocols.
• IP address or name of the computer with Kaspersky Security Center, and IP addresses or names of computers that are recipient systems' servers for receiving events: Syslog server, SIEM server.
• Email addresses of event notification recipients.
• Data in industrial network traffic transmitted between devices and containing users' personal data (this data is processed by the application together with other data when analyzing a copy of industrial network traffic).

The listed data is processed for the purpose of analyzing process violations and for detecting network traffic anomalies that may be signs of attacks.

The application saves the received data in logs.

If the application administrator has configured the transmission of events to recipient systems, the received data is processed and stored in the recipient system in accordance with its functionality and purpose.

If the application installation script was used to create files for the purpose of providing information to Kaspersky Technical Support, the following data is saved in these files:

• Contents of folders used for storing application data:
  • Files of process logs for application components, the DBMS, and the Intrusion Detection system.
  • Files of working data of the Application Console.
  • Files of working data of the Server and sensors.
  • Application installation settings file.
  • Application message log and audit log.
• Security policy applied on the Server.
• Information about the current status of services that support the operation of application components:
  • kisc4net
  • kics4net-postgresql
  • kics4net-webserver
  • klnagent
• Information about the version and distribution package of the operating system on computers that have application components installed (the uname -a command is used for receiving information).
• Information about the network interfaces on computers that have application components installed (the ifconfig command is used for receiving information).
• Entries saved by the auditd service in the file /var/log/audit/audit.log.
• Settings, status, and operating mode of the firewall in the operating system.
• If the corresponding settings are defined, the following files and data are also saved when running the application installation script:
  • Traffic dump files.
  • Data on the Intrusion Detection system configuration.
  • Data on the certificates used in Kaspersky Industrial CyberSecurity for Networks (except certificates that were published by trusted certificate authorities).

The application does not monitor access to the application installation settings file, which may contain personal data. The application does not provide access to the list of users who can work with the Application Console. Therefore, the application does not track the reading of this list. However, the application does track startups of application components (for example, the Console) and other connections to the Server that involve verification of user credentials.

When receiving updates from Kaspersky servers, the application transmits the following data necessary for automatic selection of the relevant updates:

• Version of Kaspersky Industrial CyberSecurity for Networks.
• Localization language code of components of Kaspersky Industrial CyberSecurity for Networks.
• IDs of updated elements.
• Kaspersky Industrial CyberSecurity for Networks installation ID.
• ID of the type, version and bit rate of the operating system.

Page top