How Lacoon Mobile Threat Management Platform Protects Your Mobile Devices and User Privacy FAQ
- only device metadata is collected and analyzed; the app is not monitoring any content. The Mobile Threat Management Platform app is focused on device characteristics and behaviors that indicate potential vulnerabilities or infections, not the content stored on or flowing through the device.
As a mobile security company, we encourage you to be vigilant about what you download onto your mobile device. it is important to understand what each and every app is going to do, including ours! This document attempts to answer your questions around the Lacoon Mobile Threat Management Platform app and our commitment to your privacy.
Q. What does the Lacoon Mobile Threat Management Platform app do?
The Mobile Threat Management Platform app is designed to run in the background of your mobile device to help you keep it safe. It collects and sends anonymous, aggregate information to our cloud-based Behavioral Risk Engine (BRE), which analyzes that data to identify risky activity and advanced mobile attacks. Once an attack is identified, it will trigger the app to notify you of the risk and help you remove it to protect yourself.
Q. What content does Lacoon collect on my device?
Lacoon only collects aggregate information about different aspects of a device, the apps downloaded on that device and its general activity; Lacoon does NOT collect any personal information stored on or flowing through a device. Specifically, Lacoon collects:
- Information about installed applications to identify those that are malicious. This includes the application’s binary signature and possibly their binary package, which are key to analyzing how the application works and detecting activity that is suspicious.
- Information on the operating system file structure to identify compromised settings that could give an attacker access to your device and data.
- Heuristics about the communications of suspicious apps to identify suspicious activity. This includes the timing and frequency of the apps’ communications.
Lacoon is looking for those devices and app behaviors that indicate your phone or tablet may be under attack or compromised; we are looking at information that tells us how things work, NOT what is being accessed or communicated.
Q. Does Lacoon collect or see any of my private information, calls, web activity, messages or photos?
No, lacoon does NOT collect any private information; we do NOT monitor or collect any message, photos/video or call content, web browsing activity or any location indicators. Lacoon does NOT collect any of the content associated with any of your application or communications.
Q. How does Lacoon use and secure my data?
Lacoon is committed to your privacy. We do not use the information from your mobile device for anything other than detecting if your device is infected. We do not share your data with anyone else to support our service. We have multiple layers of security in place, commiserate with the industry’s highest standards, to protect all the data in our systems.
Q. Can my IT Admins see what apps are installed on my device?
Your IT administrator(s) will not be able to see which apps you have on your device, unless it is infected. Only when an app is identified as suspicious or malicious, based on its behavior, will your IT admin see it. In this way, they can assist you; they will be able to explain what the app is doing that is risky (NOT the content of that app), so you can re-mediate and protect your device. Note, your admin will not have any visibility into any of the other apps on your device beyond the one(s) infected.
Q. What does Lacoon do to protect my device?
When a threat is detected on your mobile device, it can trigger several responses, based on the level of risk that threat poses:
- Notification - you may receive a notification that alerts you to suspicious activity on your device; the notification will include information that helps you understand the risk and confirm whether you want to allow or stop the risky behavior.
- Remediation Information - when an attack is detected, you will receive a notification and remediation information that will help you quickly and easily stop and remove an attack.
- Active Protections - when an attack is detected, your Internet traffic will be redirected through our filtering gateway to block the malicious connections from your device to the attacker’s command and control server.
Lacoon is laser-focused only on the attack communications; none of the other communications are impacted and none of the content of any of the communications is monitored or captured during the during the duration of Active Protection. In addition, because Active Protection is dynamically triggered to contain an attack, once you have removed the attack from your device (which we will help you do), it is automatically deactivated and your traffic goes back to its regular routes.
Q. Does Lacoon comply with the European Union’s privacy regulations?
Yes, Lacoon’s solution is fully compliant with the EU’s privacy regulations. The aggregate information from devices that are owned by users in the EU is routed to Lacoon’s analysis servers located within the EU territory and all the day is kept within the EU.