How is CrowdStrike Falcon data used?
CrowdStrike Falcon data is used for identifying and blocking potential threats and malicious activities. It can then alert IT Security if further action is needed and be used for legal investigations. CrowdStrike Falcon may use anonymized information to improve its detection capabilities to enhance its effectiveness.
What data does CrowdStrike Falcon collect?
- Name of the computer
- Accounts used on a computer
- Files names related to potential threats
- Network activities related to potential threats
- Executable programs and scripts to identify potential threats
Content of files, emails, chat, or detailed web activities are not collected.
Who has access to CrowdStrike Falcon Data?
CrowdStrike Falcon data access is limited to only a selected few of the Berkeley Lab IT team; the Berkeley Lab IT CrowdStrike team has taken privacy training to ensure the highest privacy practice and is trusted with the data. The data will only be accessed and used to do work for Berkeley Lab. CrowdStrike Falcon data is stored on Crowdstrike servers in the cloud. Berkeley Lab retains ownership of the data.
What data does the CrowdStrike company have access to?
CrowdStrike will have access to the same data as the Berkeley Lab IT CrowdStrike team does. This allows them to continue improving CrowdStrike Falcon and provide the necessary analysis to stop harm to Berkeley Lab systems. To learn more about CrowdStrike's privacy policy, see CrowdStrike's Privacy Notice.
Are there privacy concerns with Crowdstrike?
CrowdStrike does retain some information about the usage of your computer that has privacy implications. This information is necessary to detect hostile activity and includes login times, file names, and even some network activity. The privacy concerning information gathered is minimal, but required in order to protect your computer. We recognize the privacy concerns and have taken appropriate steps to protect this data. Please note such privacy concerns are not unique to Crowdstrike data, many cyber security tools can create such data collecting the information necessary to protect Berkeley Lab. You might take a moment to review the relevant policies and RPM in this space.