The U.S. Department of Homeland Security recently banned Kaspersky from being installed on any of their computers. The reason cited was that Kaspersky was snooping private files from computers and sending data to their servers. Kaspersky doesn’t deny snooping data in private files, but the company claims that none of the files it copies is of a serious nature. Kaspersky was also accused of passing information it obtains to the Russian intelligence agency.
Antivirus software has always buried itself deep into an operating system, but Kaspersky has been known to embed itself more than other antivirus competitors. It was caught copying a file that was an alleged hacker from a government PC.
The incident is something that could be a problem for corporations looking to hide intellectual property from outsiders. Kaspersky’s practices might be too aggressive for corporations that have private data on their machines. If Kaspersky is known to copy files, any files on the computer are subject to them copying and sending to their own servers.
It’s not unusual for an antivirus to embed itself deep into the operating system procedures. The software finds files that could be malicious and prompts the user to quarantine them. It could be considered too aggressive for companies that have high value files on their hard disks. The company has to make a decision between antivirus and allowing a third-party to scan files. If the antivirus software scans files that aren’t infected and don’t pose any threat, then they shouldn’t be copied or taken from the machine.
Other antivirus simply prompts the user to quarantine a file or move it to a quarantine folder. It’s normal behavior for most antivirus software to warn the user if a scanned file is malicious, but it’s not normal for the software to copy files and send it to a third party. Any business that has sensitive data on a computer should consider what the antivirus does before installing it. It’s also important why businesses should monitor files and alert administrators when there is suspicious activity to access them.
Even software you think is innocent can access intellectual property and cause inside threats for your business. It’s important to always monitor files, especially important ones that contain sensitive data. Kaspersky’s incident shows that even software that should be innocent can result in losing corporate data to a third party.