tl;dr
At LuJam Cyber, we're obsessed with taking every precaution we can to protect your personal privacy while collecting cyber intelligence from a huge number of sources to make you, your company, and your home as safe as possible. Any questions or concerns? Then get in touch with our support team or email our Data Protection Officer at privacy@lujam.com.
Introduction
OK, this article is a little long, but we want you to feel absolutely comfortable that the data we collect is necessary and appropriate and that we have taken all reasonable precautions to safeguard your data. As stated previously, here at LuJam Cyber, we take your personal privacy very seriously indeed. In fact, preserving anonymity and protecting your privacy is the founding principle of our Cloud architecture.
What data don't we collect?
Before detailing what data we do collect, it's worth being very clear about what data we do not collect - we think this says a lot about who we are and what we're passionate about:
- MAC addresses. Every device has a unique fingerprint, called a MAC address. This is one of those important pieces of technology that helps things just "work". However, if it's a personal device, such as a mobile phone or a laptop, this information can be used to "physically" track individuals. To allow us to track devices while protecting your privacy, the LuJam ACPU generates its own private id for the device.
- External IP addresses. As with a MAC address, your company's external IP address can be used to identify you and your business. For home users, this is harder, but not impossible.
- Detailed geographic data. While we do collect address information for billing purposes, this data is held only by Stripe and can only be accessed by LuJam Cyber through Stripe's official portal.
In all the cases above, we believe that knowing who you are or where you are doesn't help us protect you. As such, we actively avoid capturing this kind of information. When you are away from the office or home, we have no need or right to know where you are, but we do provide you with the tools you need to stay safe (e.g. see our Virtual Private Network capability).
What data do we collect?
Before getting into details of how exactly we protect your privacy, let's start by outlining what data we collect and why we collect it:
- User data. In order to allow you to log on to the LuJam Portal and view your network's data, we need to be able to securely verify that you are who you say you are. To this end, we use an email address and password. We also recommend that you provide a mobile number: it can be used for multi-factor authentication, to send you alerts about important events, and to safely reset your password. To make your user experience more personal, we also retain your first name and second name.
- Customer data. In order to ship a LuJam ACPU to you, we collect your shipping address and credit card information. This information isn't used by the LuJam Portal, but is only used for shipping goods, and to collect monthly/annual subscription payments. As stated earlier, this data is actually held by Stripe.
- Network data. To help you easily manage your network environment, we store information about its configuration. This is very similar to the information you'll see on the administration page of your router (as provided by your Internet Service Provider). This data is mainly of use to customers who have complicated networks.
- Device data. To protect your network, we need to know what devices are operating in your network. We're primarily interested in what the device is e.g. is it a Windows laptop, a printer, a MacBook or a phone? This helps us establish what normal behaviour should look like. As such, we record the device's name, its manufacturer, and internal IP address. In addition, we also record when the device is active - this helps us, for example, to detect changes in behaviour (e.g. Joanne's laptop isn't usually in the office at 10pm on a Sunday).
- Annotations. To make the LuJam Portal more helpful, we allow you to name things in the way you want to. This information is only used by the LuJam Portal to display information back to you.
- DNS data. The LuJam ACPU tracks all DNS requests made by each device in your network. To put this in context, DNS is very similar to an old-fashioned telephone directory: if you want to visit a website, DNS tells your device where to find it. By tracking this, the LuJam ACPU knows what sites your devices are visiting, but has absolutely no information about the conversation that's taking place. If your device is trying to get in touch with a known malware site, for example, the LuJam ACPU will stop the conversation before it even starts. Unfortunately, cyber threats are always evolving, so relying on stopping just "known" sites can leave networks exposed for days or weeks. Therefore, periodically, the ACPU will locally anonymise this history before uploading it to the LuJam Cloud (anonymisation is GDPR's recommended way to ensure sensitive personal data is protected). By analysing DNS patterns within a network, and across multiple networks, LuJam can detect patterns and behaviours that may indicate an emerging threat. We believe that using this data for the benefit of the community significantly reduces the chances of bad things happening for all of us.
- Diagnostic data. To ensure your LuJam ACPU is doing its job correctly and protecting your network, we collect information about the health of the unit. This includes things such as: what services are running; how busy is the processor; how much memory is being used, etc.
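The "MAC addresses" bullet above says the ACPU generates its own private id for each device, and the "DNS data" bullet says the DNS history is anonymised locally before upload. The following is an added illustration of how an on-premise unit could do both; it is not LuJam's code, and the keyed-hash scheme, record layout, field names and sample log lines are all assumptions made for this example.

```python
"""Added example (not LuJam's code): a locally generated private device id in
place of the MAC address, plus anonymisation of DNS history before upload.
The key derivation, record layout, field names and sample log lines are
assumptions made for this illustration."""
import hashlib
import hmac
import ipaddress
import re
import secrets
from typing import Dict, List

MAC_RE = re.compile(r"^([0-9a-f]{2}[:-]){5}[0-9a-f]{2}$", re.IGNORECASE)


def generate_unit_secret() -> bytes:
    # Random secret created on the unit and kept only on the unit;
    # the cloud never receives it.
    return secrets.token_bytes(32)


def private_device_id(unit_secret: bytes, mac: str) -> str:
    # Keyed hash of the normalised MAC: stable for this unit, so activity can
    # still be tracked per device, but unlinkable to the MAC without the secret.
    normalised = mac.strip().lower().replace("-", ":")
    return hmac.new(unit_secret, normalised.encode(), hashlib.sha256).hexdigest()[:16]


def looks_like_identifier(value) -> bool:
    # Detect MAC addresses and IP addresses, which must not leave the unit.
    if not isinstance(value, str):
        return False
    if MAC_RE.match(value):
        return True
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def anonymise_dns_records(unit_secret: bytes, records: List[Dict]) -> List[Dict]:
    # Keep the fields pattern analysis needs (query name, coarse time, verdict)
    # and drop the ones that identify people or premises (MAC, internal IP,
    # exact timestamp).
    out = []
    for r in records:
        out.append({
            "device": private_device_id(unit_secret, r["mac"]),
            "qname": r["qname"].lower().rstrip("."),
            "hour": (r["ts"] // 3600) * 3600,   # timestamp truncated to the hour
            "blocked": r["blocked"],
        })
    return out


def safe_to_upload(records: List[Dict]) -> bool:
    # Final gate before upload: refuse the batch if any field still carries
    # a raw identifier.
    return not any(looks_like_identifier(v) for r in records for v in r.values())


# Constructed sample of what a unit might log locally (not real traffic).
SAMPLE_DNS_LOG = [
    {"mac": "AA:BB:CC:DD:EE:01", "ip": "192.168.1.23", "ts": 1700000000,
     "qname": "www.bbc.com.", "blocked": False},
    {"mac": "aa-bb-cc-dd-ee-01", "ip": "192.168.1.23", "ts": 1700000123,
     "qname": "ads.example.net", "blocked": True},
    {"mac": "AA:BB:CC:DD:EE:02", "ip": "192.168.1.40", "ts": 1700003601,
     "qname": "time.example.org", "blocked": False},
]

if __name__ == "__main__":
    secret = generate_unit_secret()
    batch = anonymise_dns_records(secret, SAMPLE_DNS_LOG)
    for row in batch:
        print(row)
    print("safe to upload:", safe_to_upload(batch))
```

Two properties matter here: the same physical device always maps to the same id on its own unit (so "Joanne's laptop at 10pm on a Sunday" is still detectable), while the same MAC seen by a different unit, with a different secret, produces an unrelated id, so records from different networks cannot be joined on hardware identity. The upload gate is the check a practitioner should insist on: anonymisation that is not verified before the data leaves the premises is easy to get wrong silently.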
Who can see my data?
Firstly, it's important to establish the fact that only you know that it's your data. Until your account is linked with your network data via the sign-up process, it's impossible to guess who the data belongs to. Let me explain this in more detail below.
Basically, in the LuJam Cloud, all networks and devices essentially look the same: the names may change, the number of devices may vary, but otherwise most office and home networks are very, very similar. Ahh, but what about the DNS data? Yes, this will definitely vary depending upon you, your team, and your area of business. However, the surprising thing is that 95% of the DNS lookups will be common across all networks, as most of this activity is machine-to-machine "chatter", e.g.: what time is it; do I need to upgrade; is there a new file in Dropbox, etc. On a normal day, a small office network will perform around ten thousand DNS lookups. Of these, a few hundred will have been initiated by you and your team, and most of these will be the common websites, such as www.bbc.com, www.google.com, etc. Even this small number of websites will be dwarfed by the number of ad sites and support sites used by modern websites: it's not unusual for the LuJam ACPU to block 200-600 DNS lookups for ads per user per day.
Hopefully, from the above description, it should be crystal clear why it's impossible to associate a user with a network or a device.
Now, getting back to the original question, only you can see your network's data. The LuJam team cannot see that it belongs to you, and it's impossible for them to work this out. The only time our team can see your data is when you provide them with a temporary token via our support process.
Defence in depth: protecting your data
As you'd expect from a professional Cyber Security company, we take all reasonable precautions to safeguard your data and your privacy and we keep up with the latest recommendations and industry best practices. The following list is not exhaustive, but should give you a clear idea as to how seriously we take our responsibility:
- Highly sensitive data is "hashed". This primarily covers passwords, and means that even knowing the final value stored, it's computationally infeasible to get back to the original value.
- All other sensitive data is encrypted, including personal names, email addresses, device and network names, and annotations. The encryption keys are kept separate from the Cloud database. The encrypted data can only be decrypted as part of an authorised request by a LuJam Portal user.
- AWS Cloud Security. We use Amazon Web Services (AWS) to run the LuJam Cloud service. In our opinion, AWS is the most secure and most advanced Cloud provider by a significant margin. We lock down access to the LuJam Cloud data by IP address, so accessing data is only possible from our offices.
- All data is encrypted during transit. We use HTTPS for all our web sites, REST APIs, and uploads to AWS S3 storage.
- Encrypted software upgrades. From time to time, LuJam will upgrade the software that runs on the LuJam ACPUs. The software updates are encrypted such that the LuJam ACPUs are 100% certain that they have been officially generated by LuJam.
- 24/7 monitoring. Maintaining a highly available service requires constant monitoring. We've made monitoring security as important in the process as making sure the LuJam servers are up and running.
- Data Science. Just as we monitor anomalous behaviour in your networks, we also trend our own cloud infrastructure's performance to detect changes and unexpected behaviour.
- Eating our own dog food. All of our offices are protected by LuJam ACPUs, as well as the home networks of our employees who work remotely.
How long do you keep my data and can I have it deleted?
We normally keep data for as long as you're a satisfied customer, but this may also vary based upon your level of subscription - please contact sales for detailed information. As the DNS data consumes significant space, we reserve the right to delete this data after 7 days.
If you wish to have your data removed, then please just email our Data Protection Officer at privacy@lujam.com and the data will be deleted within 1-2 business days.
Further reading
This FAQ provides an overview in plain English of how we look after your data. For a formal statement see our Data Privacy Policy.