Data Management FAQ
This document answers commonly asked questions related to HP Wolf Pro Security (WPS), data collection, transmission, storage, retention, and disposal of data.
Contents
Cloud Technology/Data Centers
Q: What cloud technology and data centers are leveraged by HP Wolf Pro Security (WPS)?
A: HP Wolf Pro Security (WPS) is comprised of two components: a client application running on the endpoint and an online cloud management portal (HP Wolf Security Controller) hosted on Amazon Web Services (AWS). WPS utilizes Amazon data centers in the United States and Germany. Data for customers located in European countries can be hosted in the German data center. Data for customers in all other countries can be hosted in the U.S data center. To learn more about AWS, visit https://aws.amazon.com.
Q: What are the roles of each data center with respect to tasks and customers?
A: The United States and German data centers can be used to differentiate customers from different regions and act as regional data centers. European-based customers may prefer to use the German regional data center, while customers from all other countries may prefer to use the U.S. regional data center. Having the two data centers, allows HP Wolf Pro Security to localize personal data within each of the regions.
In addition, each customer of WPS gets what is effectively their own separate instance of a cloud management portal (HP Wolf Security Controller), which runs in separate AWS ECS instances. This ensures full data separation between individual customers data ensures that any data breach would only affect a single customer without compromising any other customers data.
The exact location of these data centers cannot be disclosed due to security reasons.
Q: How does the data flow between the device and the HP Wolf Security Controller?
A: Data flow follows this process:
1. While activating their WPS purchase, the customer can choose the region where they wish their data is stored, which is hosted in U.S. or German regional data centers.
2. The customer can then download the installer software from the controller and run by the customer within their environment.
3. WPS agent software is then acquired by the installer from the cloud portal and installed to customer’s devices to enroll individual devices to be managed by the customer instance of the HP Wolf Security Controller.
4. The WPS agent software on the customer’s devices capture and send data to the HP Wolf Security Controller that has been provisioned for that customer.
Data Collection
Q: What data does WPS collect and how is it used?
A: The “types” of data collected by WPS are either provided by the customer directly or collected automatically from the endpoint by the agent software running on the endpoint.
Purpose of Data Collection |
Data Collected |
Description of data collected |
Account management |
Account data |
Information such as how a customer purchases or signs up for HP Wolf Pro Security, support history with respect to incidents generated by WPS, and anything else relating to the WPS account to perform transaction services like account management. |
Ensure WPS software and services works properly |
Application data |
Software version and installation status of WPS software applications. |
Account setup, identity management and entitlement validation |
Contact data |
Personal and/or business contact data limited to email addresses and business name, used for WPS customer tenant account setup and validation, services entitlement and email notifications around incidents and services. |
Deliver proactive IT service maintenance and management, and customer-centric reports/dashboards |
Device data |
Basic hardware information related to device: computer, operating system, amount of memory, region, language, time zone, serial number, model number, initial start date, age of device, device manufacture date, IP address, browser version, computer manufacturer, warranty status, SKU number and other unique device identifiers and additional technical information that varies by product. |
Hardware components such as disk, BIOS, display and graphics, plug and play devices and drivers, driver errors and driver crashes, memory, processor, environment variables, operating system, network interface, operating system and third-party patches, anti-virus and firewall status and applications, windows device security profile, and device management profiles and their status |
||
Software applications installed on devices. Incudes but not limited to versions of Microsoft Office and Adobe Reader. |
||
Threat Analysis and insights |
Malware Data |
A malware manifest that contains all relevant data about the detected threat and the files associated with the threat. Note: WPS only collects this data if a threat has been positively identified. |
Malware and file hashes. This is for comparing the hash against known malware databases |
Q: What types of data is not collected by HP Wolf Pro Security?
A: |
WPS does not collect the following types of data: |
• Demographic information (with the exception of country or language preferences)
• Financial account information, credit or debit card numbers, credit records, or payment data
• Social media information
• Government-issued identifier such as social security, social insurance number, or Government ID
• Health information
• Sensitive data such as ethnic origin, political beliefs, trade union membership, health data, sexual orientation, and genetic data
Security
Q: How is data communication secured between endpoints and my HP Wolf Security Controller?
A: Data is encrypted via TLS between your endpoints and the HP Wolf Security Controller. All “in-transit” data transmissions are encrypted end-to-end.
Q: Will I be given dedicated infrastructure/server instances?
A: Yes. HP Wolf Security Controller Cloud instances are dedicated.
Q: How will I access the HP Sure Controller admin portal?
A: You access your dedicated HP Wolf Security Controller environment via web browser, using high-assurance two-factor authentication.
Q: Is the service ISO 27001 and SOC 2 Type II certified?
A: Yes. The HP Managed Cloud service is ISO 27001 and SOC2 Type II certified. Details about obtaining our ISO27001 certificate and SOC2 Type II report are available on our website. Our hosting provider Amazon Web Services (AWS) are similarly ISO 27001 and SOC2 Type II certified.
Q: Are you compliant with the European Union’s General Data Protection Regulation (GDPR) requirements?
A: Yes, we are compliant. We have processes in place to automatically delete any data that is stored or shared with us (Data Retention). Data Retention settings can be configured and changed at any time.
Q: What security analytics are available via the HP Wolf Security Controller?
A: The HP Wolf Security Controller provides insights and reporting on isolated threats, malware and password phishing attempts identified and prevented by HP Wolf Pro Security. Threat details include kill chain views of threat behavior mapped to the MITRE ATT&CKTM framework.
Q: Where can I learn more about HP Wolf Pro Security?
A: For more information, visit: https://www.hp.com/us-en/security/business-pc-security.html
Data Access
Q: Who is allowed to access my data on the HP Wolf Security Controller?
A: On being granted permission by the customer, HP support can access the customer’s controller. This access is required for the purpose of:
· Troubleshooting the deployment of your HP Sure Controller in the HP Cloud
· Monitor running services
· Provide assistance and answers to service-related questions
· Provide Level 2 and Level 3 support and coordinate with your service desk
· Automatically upgrade your endpoints with new releases of HP WPS for troubleshooting purposes
© Copyright 2021 HP Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services.
Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Windows is either a registered trademark or trademark of Microsoft Corporation in the United States and/or other countries. Adobe PDF is a trademark of Adobe Systems Incorporated. Chrome and Chromium are trademarks of Google Inc.