Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

3/23/2010
02:32 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

McAfee Rolls Out Next-Generation DLP

McAfee Data Loss Prevention technology is planned to include a common policy across all components, database crawling

SANTA CLARA, Calif., March 22, 2010 " McAfee, Inc., announced plans for the latest version of its data loss prevention solution that addresses growing concerns about the security of regulated data and sensitive information. McAfee Data Loss Prevention technology is planned to include a common policy across all components, database crawling, easier workflow through the McAfee' ePolicy Orchestrator' platform and greatly improved support for Microsoft Active Directory. Built upon unique data analytics technology, McAfee Data Loss Prevention technology provides comprehensive data protection -- from the USB drive to the firewall and beyond.

The Data Loss Prevention (DLP) market is rapidly growing, fueled by ever increasing government and industry regulations and businesses emphasizing the importance of protecting valuable corporate data such as product plans, financial records and intellectual property. Until now, the DLP customer has had to endure such challenges as large amounts of build-out time, cost and effort. McAfee Data Loss Prevention technology changes the game by delivering industry-leading data protection quickly and efficiently. Organizations now have a way to meet their data security needs without the huge expense of endless rounds of consulting and trial and error tuning.

"We found that because the system captures all of the data we can do more with McAfee Data Loss Prevention than other products on the market," said Mark Moroses, Assistant CIO for Continuum Health Partners in New York. "This is a unique capability and we use it extensively. The system doesn't just present us with a static view of user rule violations; it allows us to go back in the past and look for patterns of behavior and abuse. This capability has enhanced our ability to investigate incidents more thoroughly and in less time. Our team can now rapidly access more information related to an incident and they can review the past activities of the user under investigation as well. The system gives us the peace of mind that we are not missing anything. This is essential because interrogating anything less than 100% of the information is unacceptable."

McAfee Data Loss Prevention Technology Differentiators:

* Ease of Deployment " Deployment can occur within days as opposed to the typical six to nine month period, allowing organizations to immediately test policies against corporate data and achieve faster time to value. Advanced and intuitive data analytics lets IT departments gain knowledge of unknown data risk and understand how to quickly and effectively protect corporate data. * Management " Users have an easy workflow to manage data incidents from ePolicy Orchestrator platform, a single console which supports case management, configuration, reporting, monitoring while providing historic data-use insight, that can be centralized or delegated to best suit specific user requirements. * Integration " Tight integration between McAfee Data Loss Prevention technology and the rest of the McAfee data protection portfolio allows for automated responses to threats in a coordinated way. Integration with leading rights management technologies such as Adobe allows the protection of sensitive data to extend beyond the boundaries of the enterprise, increasing security and confidence and enabling the flexible business to thrive. * Proactive " Advanced data analytics gives customers deep understanding about how their data is used allowing them to better anticipate problems that would otherwise go undiscovered.

According to Gartner, "Organizations have always struggled to balance security and privacy needs with the needs of the business. IT has long sought to enable the business, and now risk management and security must follow suit. We need to learn to embrace transparency, and accommodate the two-way flow of information rather than fearing it. In addition to protecting information, we also need to learn how to enable and guide the appropriate use of information. This is essential if we're going to take advantage of opportunities as we prepare for the return to growth."[1]

The McAfee approach to DLP is unique because it is delivered via pre-integrated, hardened appliances and a host agent that is simply pushed via the ePolicy Orchestrator platform, so data is protected in days, not months. That same ease of use also applies to policy creation, delivering a wealth of knowledge about how data is actually used -providing the ability to test policies against actual data history before putting them into production. Due to this, policies are right the first time without guesswork, costly consulting or the business disruption caused by false positives. That historic data knowledge can also be used to accelerate incident investigations which can be completed in minutes and allows for deep understanding about how organizations use data.

"Due to limitations inherent in legacy DLP solutions, organizations have had to take a brute force approach to protecting data," said Gerhard Watzinger, executive vice president and general manager of McAfee Data Protection Business Unit. "These approaches are like using a sledge hammer to crack a nut and are usually used because of the high cost and complexity with deployment of traditional DLP. With McAfee Data Loss Prevention technology we can now enable the deployment of DLP that is cost effective and quick to value."

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is committed to relentlessly tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: George has not accepted that the technology age has come to an end.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26814
PUBLISHED: 2021-03-06
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service sc...
CVE-2021-27581
PUBLISHED: 2021-03-05
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
CVE-2021-28042
PUBLISHED: 2021-03-05
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
CVE-2021-28041
PUBLISHED: 2021-03-05
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
CVE-2021-3377
PUBLISHED: 2021-03-05
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.