McAfee centralizes laptop encryption
This article speaks to the issues many accounts face. Having McAfee in the marketplace helps more than hurts...
Kingsfull
eChannelLine Daily News
9-June-2008
McAfee centralizes laptop encryption
by Paul Weinberg
McAfee is making a bid for enterprises burdened by their regulatory compliance investments with a centrally managed and integrated suite of products for internal and external security purposes, including the protection of mobile computing devices.
"One of the things we are hearing from customers especially in the enterprise and mid-market is that they have been spending millions of dollars and lots of resources on attempting to comply with various privacy regulations and other types of regulations around the world, and they don't necessarily have that much to show for their efforts," stated Chris Parkerson, group solutions marketing manager, data protection at McAfee.
The company is introducing two new products, McAfee Policy Auditor 5.0 and McAfee Encrypted USB, as well as enhancing existing data protection offerings, McAfee Endpoint Encryption and McAfee Host Data Loss Prevention (DLP). All these products are tightly integrated with McAfee ePolicy Orchestrator (ePO), McAfee's centralized management system and support for open standards.
McAfee is heading in a direction demanded by users for all IT security providers, stated Warren Shiau, lead analyst in IT research at the Strategic Counsel. "Security and compliance requires several things: setting policy, enforcement, monitoring for adherence, identifying where non-adherence or outside-of-policy activity occurs, and being able to report on such occurrences -- all under centralized management."
Ross Armstrong, another industry observer, suggested that security and compliance are finally being merged in the past 12 months under the umbrella of the same IT departments in many organizations, even though centralized security management solutions from various vendors have been out in the market for a few years.
Nevertheless, we are increasingly seeing improved communication between security and compliance professionals in corporate IT," stated Armstrong, senior research analyst at the Info Tech Research Group.
"By combining these functions into a single management console it is easier for the organization to provide those reports to auditors, to be able to demonstrate that compliance requirements are being met."
What is especially newsworthy is that McAfee is the first IT security vendor to incorporate an encryption management feature for mobile computing into its centralized management system for security, commented Eric Maiwald, CISSP vice president and service director, security and risk management strategies at the Burton Group.
The product announcements followed McAfee's acquisition of laptop encryption vendor SafeBoot last year.
McAfee's EPO allows system administrators to automatically and remotely install encryption on employee laptops in the field, as well as track which mobile units under their purview contain this form of protection and generate reports on the results, Maiwald reported.
"I guess with the integration of SafeBoot, it gives [McAfee] a little bit more of a story around the control of sensitive information around laptops."
At the moment the majority of enterprise laptops are not encrypted but this is changing with moves by private and public sector organizations to protect devices sitting outside their internal corporate security perimeter, continued Maiwald.
McAfee's new products are aimed at scenarios where corporate clients cannot prove to the satisfaction of auditors following a data security breech that the laptop where the sensitive information resided had already been encrypted.
"It is not enough to say I bought this product and put it on my laptop; you have to prove that it was on that laptop," stated Parkerson.
But Maiwald expressed some skepticism to this "marketing" since under regulations in the U.S., at least, a company can simply issue a statement that its external laptops and other computing devices are encrypted without having to prove it as such to regulatory authorities.
The only time that Maiwald can envisage a demand of proof of protection might be in the courtroom where a company would demonstrate to the satisfaction of a plaintiff and a judge that specific information had been encrypted and therefore a security breech had not occurred following the loss of a computing device. But that kind of application is a rare occurrence, he noted. "We just haven't seen that yet."
Meanwhile, Rob Enderle, the principal analyst at the Enderle Group, asserted that both McAfee's Policy Auditor and Encrypted USB offerings address corporate IT's desire for "open" platforms in security.
"McAfee has been operating under a bit of a cloud largely due to its financial and operational problems but these offerings may be the first real indicator that the firm is moving beyond those problems and starting to execute."
AI
