Data Collection Disclosure - Worry-Free Business Security Services

Device Management

Worry-Free Business Security Services collects data from user computers or mobile devices to identify an endpoint for administrators.

Console settings	N/A
Data collected	IP address MAC address User name Host name Mobile number
Console location	N/A

Account Management

Administrators provide information on the Worry-Free Business Security Services web console to manage user accounts that can access the web console.

Console settings	Administration > User Accounts
Data collected	Account name Account email address
Console location	Administration > User Accounts

Active Directory Integration

Administrators upload a file containing Active Directory data or install the Active Directory synchronization agent on their Active Directory controller to manage endpoints using Active Directory information.

Console settings	Administration > Active Directory Settings
Data collected	Computer and OU object of Active Directory
Console location	Administration > Active Directory Settings

Group / Label Management

Administrators use group names and labels created on the Worry-Free Business Security Services web console to manage endpoints.

Console settings	Security Agent > New Group Security Agent > Label
Data collected	Group name Computer label
Console location	Security Agent > New Group Security Agent > Label

Detection Log

Worry-Free Business Security Services collects data from Windows Security Agent and sends detection logs to the Worry-Free Business Security Services web console for dashboard monitoring, log query, and reporting.

Data collected	File name URL Email address
Console location	Classic Mode: Go to SECURITY AGENTS and select a group. Menu icon (three vertical dots) > Configure Policy > Advanced Mode: POLICIES > Policy Management > Configure Policy >
Console settings	Scan Settings Behavior Monitoring Predictive Machine Learning Web Reputation Firewall Device Control Data Loss Prevention URL Filtering Application Control

Worry-Free Business Security Services collects data from Mac Security Agent and sends detection logs to the Worry-Free Business Security Services web console for dashboard monitoring, log query, and reporting.

Data collected	File name URL
Console location	Classic Mode: Go to SECURITY AGENTS and select a group. Menu icon (three vertical dots) > Configure Policy > Advanced Mode: POLICIES > Policy Management > Configure Policy >
Console settings	Scan Settings Web Reputation

Worry Free Business Security Services collects data from Android Security Agent and sends detection logs to the Worry Free Business Security Services web console for dashboard monitoring, log query, and reporting.

Data collected	File name URL
Console location	Classic Mode: Go to SECURITY AGENTS and select a group. Menu icon (three vertical dots) > Configure Policy > Advanced Mode: POLICIES > Policy Management > Configure Policy >
Console settings	Scan Settings Web Reputation

Smart Protection Network

Worry-Free Business Security Services collects data from integrated Core Tech module(s) inspecting files and URLs.

When a URL or an executable is determined as malicious and unknown to Trend Micro, the executable is sent to Smart Protection Network Feedback.

Console settings	Administration > Smart Protection Network
Data collected	File name URL
Console location	Administration > Smart Protection Network

Web Reputation / Categorization

Worry-Free Business Security Services collects data from integrated Core Tech module inspecting URLs. Suspicious URLs are submitted to Web Reputation Services for reputation rating or categorization.

Data collected	URL
Console location	Classic Mode: Go to SECURITY AGENTS and select a group. Menu icon (three vertical dots) > Configure Policy Advanced Mode: POLICIES > Policy Management > Configure Policy
Console settings	Web Reputation URL Filtering

Predictive Machine Learning

Worry-Free Business Security Services collects data from integrated Core Tech module inspecting files and queries TrendX for machine learning based malware detections.

Data collected	File name
Console location	Classic Mode: Go to SECURITY AGENTS and select a group. Menu icon (three vertical dots) > Configure Policy Advanced Mode: POLICIES > Policy Management > Configure Policy
Console settings	Predictive Machine Learning

File Reputation

Worry-Free Business Security Services collects data from integrated Core Tech module inspecting files and queries file reputation to determine the risk rating.

Data collected	File name
Console location	Classic Mode: Go to SECURITY AGENTS and select a group. Menu icon (three vertical dots) > Configure Policy > Scan Settings > Scan Method (Choose Conventional Scan) Advanced Mode: POLICIES > Policy Management > Configure Policy > Scan Settings > Scan Method (Choose Conventional Scan)
Console settings	Conventional Scan

Apple Push Notification Service Certificate

A valid Apple Push Notification service (APNs) certificate is required to manage iOS devices.

Data collected	APNs certificate
Console location	Administration > Mobile Device Enrollment Settings
Console settings

Locate Mobile Device

Worry-Free Business Security Services collects data from mobile devices to help administrators locate devices remotely.

Data collected	Geo-location
Console location	Security Agents > Select an Android device > Tasks > Remote Locate
Console settings	Remote Locate

Email Security

Worry-Free Business Security Services synchronizes data from the Cloud App Security or Hosted Email Security server to monitor ransomware attacks detected on email servers.

Console settings
Data collected	File name URL email sender email recipient email subject
Console location	Disable from the Cloud App Security or Hosted Email Security web console

User Behavior Monitoring

Worry-Free Business Security Services collects data from web browsers used to access the Worry-Free Business Security Services web console. The collected data help Trend Micro understand how administrators use the web console and enhance the user experience.

Console settings	N/A
Data collected	Visited URLs on the Worry-Free Business Security Services web console.
Console location	N/A

Endpoint Sensor: Threat Investigation

Endpoint Sensor regularly collects metadata from the endpoint and uploads it to the server. Endpoint Sensor utilizes the data during a threat investigation to identify affected endpoints.

This feature is available in a separate license. For more information, contact your sales representative.

Data collected	File name File path Source IP address Destination IP address URL Active Directory account name User account name Process command CLI command Registry
Console location	Classic Mode: Go to SECURITY AGENTS and select a group Menu icon (three vertical dots) > Configure Policy > Advanced Mode: POLICIES > Policy Management > Configure Policy >
Console settings	Endpoint Sensor

Detection Log (Suspicious Objects)

Worry-Free Business Security Services collects data from the Security Agent and sends detection logs to the Worry-Free Business Security Services web console for log query.

To disable this feature, remove all suspicious objects and turn off Sample Submission.

This feature is available in a separate license. For more information, contact your sales representative.

Data collected	Domain File name IP address URL
Console location	Policies > Policy Management > Configure Policy >
Console settings	Sample Submission Policies > User-Defined Suspicious Object List Policies > Virtual Analyzer Suspicious Object List

Sample Submission

Worry-Free Business Security Services collects sample files from the Security Agent and analyzes the files in Virtual Analyzer sandbox. Files that have the potential to expose systems to danger or loss are then added to the Virtual Analyzer Suspicious Object List.

This feature is available in a separate license. For more information, contact your sales representative.

Data collected	Raw file content
Console location	Policies > Policy Management > Configure Policy >
Console settings	Sample Submission

Troubleshooting

Worry-Free Business Security Services collects this data to troubleshoot customers' problems.

Console settings
Data collected	Debug logs and crash dump files IP address Processes running on the endpoints Registry System information Windows system event logs
Console location	This feature cannot be disabled. If you do not want this data to be collected, please uninstall the Security Agent program.