McAfee has announced two new offerings, McAfee Policy Auditor 5.0 and McAfee Encrypted USB, and significant enhancements to its two flagship data protection offerings, McAfee Endpoint Encryption and McAfee Host Data Loss Prevention (DLP).
These offerings are designed to help companies prove compliance with regulatory mandates and their own security policies and combine enforcement of security policies with the ability to quickly audit and report on the effectiveness of those policies and prove a company’s level of compliance. This greatly eases audit, legal discovery, or other regulatory processes. The key to these capabilities is the tight integration with McAfee ePolicy Orchestrator (ePO), McAfee’s centralised management system, and support for open standards.
Enterprises are stretching themselves to prove compliance to industry regulation and internal policies while also managing IT risk due to security threats. Traditionally, these enterprises have deployed myriad point products resulting in ad hoc processes. Proprietary standards have further prolonged and complicated the audit process.
The recent spate of data security breaches has culminated in calls for stricter security policies and compliance with data encryption procedures. McAfee’s announcement empowers enterprises to pursue an optimised approach for efficient compliance management.
"McAfee’s new compliance solutions improve operational efficiency by reducing the number of hours spent on administrative tasks," says Chris van Niekerk, regional director of McAfee South Africa. "With the tight integration into McAfee ePolicy Orchestrator, we now have a single integrated console and agent which we can use to deploy, manage and report on the compliance solutions. The dashboard functionality of ePolicy Orchestrator also enables convenient views of our compliance posture."
The new edition of McAfee Policy Auditor 5.0 leverages open security standards such as XCCDF (Extensible Configuration Checklist Description Format) and OVAL (Open Vulnerability Assessment Language). Both Policy Auditor and McAfee Endpoint Encryption feature audit capabilities which enable organisations to automate the processes required for internal and external audits and quickly provide the necessary proof, when needed, to respond to regulatory inquiries.
Integrated management through McAfee ePO and reporting across multiple product lines provides a unified platform for compliance and security management.
"Managing IT risk and meeting a variety of compliance mandates and technical standards requires more than a patchwork of security technologies," says Van Niekerk. "By centralising the management and enforcement of security policies, automating the assessment of security configuration controls, and proactively measuring results against policy, we are helping organisations reduce their time to compliance, provide greater protection, and reduce costs."
An essential part of protecting the corporate network includes ensuring that devices that connect to it are secure both off and on the network. The McAfee Standard Encrypted USB v.2 ensures the safety of data in transition. This password-protected USB storage device provides a high standard of encryption (AES 256) at an affordable price. The product features optional data destruction following password authentication failure and zero-footprint technology.
"This is encryption for everyone," Van Niekerk explains. "From individuals to medium sized businesses to large enterprises – everyone needs to protect what they value. Today McAfee is ensuring that customer data will stay safe, regardless of whether a USB device is lost or stolen."
The McAfee Standard Encrypted USB ensures enforcement of company password policies through the management of password rules. One of the key benefits is to reduce the internal threat posed by employees who may not be adhering to company security policies. If the device is lost, the company is able to prove to the compliance authorities that the data was encrypted and password protected.