McAfee Inc. has upgraded its data loss prevention suite, which is geared toward companies looking to comply with regulatory requirements or firms interested in protecting sensitive internal data.
The new additions in McAfee Data Loss Protection 9.0 — which will be integrated to work with the company’s ePolicy Orchestrator platform — include improved time to deployment, tight integration with the rest of McAfee’s data security products, database crawling and analytics capabilities, which are designed to help alert administrators to potential security holes.
Rather than taking a few months to set-up, McAfee said that the new offering can be operational for most businesses within a matter of days. The toolset also comes with better support for Microsoft Active Directory and will integrate with Adobe and Oracle access rights management tools, the company said.
Howard Price, group product marketing manager for McAfee’s data loss protection group, said the reworked tool is a direct result of recent DLP-related acquisitions, including Onigma in 2006 and Reconnex in 2007.
Integrating these products will simplify the company’s portfolio and allow IT administrators to set common policies for hosted and network products in a single console, he said. With the upgraded DLP tool, users will be able to support case management, make configurations, conduct reports and fully monitor their environments from ePolicy Orchestrator, Price said.
“Other DLP solutions that exist on their own have some use, but they can be limited,” he said. “For DLP to be really useful, it has to be integrated into other data protection technology, including encryption.”
All this focus on tight integration, Price said, allows for fast, automated responses to threats. This means that DLP effectively becomes the central controlling solution for device control, encryption, USB device management and other areas of coverage in the McAfee suite of products.
“The other products become context-aware,” Price added.
Earlier this month, a Ponemon Institute survey of 367 IT practitioners and 325 non-IT business managers from Canadian enterprises, found that 62 per cent of responding Canadian business managers said encryption makes other data security measures unnecessary and irrelevant. This compares to 44 per cent of surveyed Canadian IT leaders who answered the same way.
For David Senf, director of the infrastructure solutions group at IDC Canada Ltd., the results highlighted the extremely low understanding many business managers have about security threats and vulnerabilities.
“The fact that encryption shows up as something business managers feel is the ‘be-all-and-end-all’ to preventing data loss is absurd,” he said. “But it’s a reality that our data continues to show as well.”
Senf said that while encryption is an important and necessary tool to enterprise security, it’s absolutely not a complete defence strategy.
Blanket encryption, Price said, can be just as impractical as weak encryption policies.
“If you’ve got an e-discovery motion against you and you 72 hours to respond, it could take that long to find your data with blanket encryption,” he said.
Encryption integrated with other DLP and policy security tools is the only way to effectively protect data, Price added.