Russian cybersecurity firm Kaspersky Labs is moving a significant part of its production and storage to Switzerland after it came under fire for supposed connections to the Russian government.
U.S. Homeland Security last year banned all federal agencies from using Kaspersky software after sensitive data was stolen from an NSA employee’s computer. There were accusations of collusion between Kaspersky and the Russian government in order to carry this out.
The company has vehemently denied this but has since been on a transparency drive after acknowledging that it has damaged business, particularly in the U.S., where Kaspersky made around a quarter of its sales in 2016.
Now it is moving its data centres that store Kaspersky Security Network (KSN) data for users in Europe, North America, Australia, Japan, South Korea, and Singapore into Switzerland. As well as this, it is moving what it calls its ‘software assembly line’ out of Russia and into Switzerland.
This is so that it can be compiled and signed in Switzerland, where it can be supervised and authorised by a third-party organisation before being put out to market.
In a blog post, the company said: Storing [KSN data] in Switzerland under the supervision of an independent organization means that any access to this data is meticulously logged — and the logs can be reviewed at any moment should any concerns arise.’
The post continued: ‘Although the current level of protection in our data processing and software development infrastructure is extremely high, we are constantly working to improve it.
‘To increase our resilience to supply-chain risks and transparency to our clients, it’s important to ensure that the source code reviewed in our Transparency Centre and the code actually compiled into products that are shipped to customers is the same code. That’s why we are moving the compilation and signing facility to Switzerland as well.’
The company has chosen Switzerland, it says, because of its history of neutrality and its strong data protection legislation. The first point is particularly relevant given Kaspersky’s previous accusations that the decision taken by U.S. Homeland Security was a ‘geopolitical’ one.
Reaction online was generally positive, with Twitter users praising the decision as a ‘good business move’ and an ‘excellent initiative.’ It is not yet clear whether this move will do enough to clear Kaspersky’s reputation in the long term – it suffered a 50% drop in U.S. retail bookings in the second half of 2017.