CrowdStrike Falcon data is used for identifying and blocking potential threats and malicious activities. It can then alert IT Security if further action is needed and be used for legal investigations. CrowdStrike Falcon may use anonymized information to improve its detection capabilities to enhance its effectiveness.
No, CrowdStrike Falcon does not scan the contents of files such as documents and images, nor does it monitor email, chat, or the contents of web pages. CrowdStrike Falcon does scan and analyzes executable files, such as applications and scripts, in order to identify malicious activity.
Content of files, emails, chat, and website activities are not accessed or collected.
CrowdStrike Falcon data access is limited to only a selected few of the Berkeley Lab IT team; the Berkeley Lab IT CrowdStrike team has taken privacy training to ensure the highest privacy practice and is trusted with the data. The data will only be accessed and used to do work for Berkeley Lab.
Crowdstrike stores CrowdStrike Falcon data on its secure cloud servers. Berkeley Lab retains ownership of the data.
CrowdStrike will have access to the same data as the Berkeley Lab IT CrowdStrike team does. This allows them to continue improving CrowdStrike Falcon and provide the necessary analysis to stop harm to Berkeley Lab systems.
CrowdStrike Falcon data is not shared with anyone without approval from the Berkeley Lab IT Policy team.
See the following pages:
To learn more about CrowdStrike's privacy policy, see CrowdStrike's Privacy Notice.