Dear Cardiff University, On your public web page you make a clear and open declaration that statistical data gathered by the Sophos antivirus software will be sent back to INSRV. (The following information requests are listed in priority order should the cost limit be approached) (1) How often is this data transmitted back to INSRV by the device? (2) Is data gathered and/or transmitted back to INSRV when the device (eg laptop) is outside of Cardiff University network? (eg if the device is on the user's home Internet-connected network) (3) Please list all DNS names and/or IP addresses that the device sends this data to.

• The Best Antivirus Software 2017
• Top Ten Antivirus Programs

Security Made Simple for Business. Centralized Data Security for Endpoints, Encryption, Network Protection, Mobile Devices, Servers, UTM Appliances, Email and Web.

(4) Please provide an example of such data (redacted as required to ensure anonymity of the user/device that sent the data). Please provide this as an attached document if possible to prevent formatting issues. (5) Please list all of the data fields captured and sent to INSRV (listed so that the semantics are clear eg a field called 'event' or 'data' does not explain its purpose). (6) where the local IP address is captured (as you have stated it is), does this mean the IP address reported to the device by its operating system (ie before any NAT is performed) (7) if the answer to (2) is yes, is the external IP address seen by INSRV when the data is transferred also logged and linked to the data?

(8) As the software in question is linked to via a webpage specifically targeting devices not owned by Cardiff University, and the provided software installer is silent (there is no explicit acceptance by the user during installation of any terms or license etc) and in light of the fact the Sophos antivirus software is acting in a manner that could be described as 'spyware' on privately owned equipment; is Cardiff University still happy that they are acting in a fair and ethical manner regarding spying on privately owned equipment, and that the users/owners are given fair warning? (9) In the briefest terms possible, how is this information transmitted back to INSRV? (eg XML data HTTP posted over TCP/IP) Yours faithfully, Thomas.OShea. Dear Mr O'Shea I acknowledge receipt of your email below received by this office on 29th June 2014 in which you requested information regarding Sophos Antivirus Software. Your request will now be dealt with under the Freedom of Information Act 2000 and has been allocated reference FOI14-162 which should be quoted in all correspondence. We will respond to your request within 20 working days starting the next working day after receipt, therefore you can expect to receive a response no later than 28th July 2014.

Where we consider that we will not be able to meet this deadline or if further time is required to consider the public interest test we will contact you as soon as possible and give you a revised date for response. In some circumstances a fee may be payable and, if that is the case, we will let you know.

The Best Antivirus Software 2017

A fees notice will be issued to you, and you will be required to pay before we will proceed to deal with your request. Yours sincerely Information Governance Team Governance and Compliance Division Cardiff University McKenzie House 30-36 Newport Road Cardiff CF24 0DE Fax 08 Tel 01. Dear Mr O'Shea I am writing in response to your Freedom of Information request below dated 29th June 2014 in which you requested information regarding Sophos Antivirus Software. For ease of reference, I have reproduced your questions below and set out our corresponding responses. On your public web page 1 you make a clear and open declaration that statistical data gathered by the Sophos antivirus software will be sent back to INSRV.

(1) How often is this data transmitted back to INSRV by the device? Dependant on the version of the client installed, clients contact the management service every 28 minutes or 6 hours when clients check with management server for updates. (2) Is data gathered and/or transmitted back to INSRV when the device (eg laptop) is outside of Cardiff University network? (eg if the device is on the user's home Internet-connected network) Yes, clients log locally and will send status information to the management service when they next check with management server. (3) Please list all DNS names and/or IP addresses that the device sends this data to. Sophoshome.cf.ac.uk 131.251.151.149 Note: IP addresses and DNS Names are subject to change. (4) Please provide an example of such data (redacted as required to ensure anonymity of the user/device that sent the data).

Top Ten Antivirus Programs

Please provide this as an attached document if possible to prevent formatting issues.