Doug Cooke, sales and engineering director at Santa Clara, Calif.-based McAfee Inc.’s Canada office, says recent enhancements to their enterprise security suite aim to better bring execs into the loop.
“We’re gathering all this information, and one of the things we can do with our Risk Advisor product, is take all that information and then summarize it for the more senior people,” says Cooke.
In a lot of ways, he thinks it can cut down on costs and wasted time by allowing high-level executives to be presented with the company’s full “security posture.”
“Not only can we tell you the assets and what’s vulnerable, but we can also take into consideration the counter-measures that may be on those systems,” he says.
This can lead to more accountability for IT management, and also save the hassle in putting out fires that aren’t there, says Cooke.
According to Stephan Corbeil, team lead for hosted services at StatPro North America, anything that can help automate IT, and specifically security, is usually a good thing. “If you can automate something, do it. Automation is great because it mitigates the ‘human error’ aspect of IT,” says Corbeil. “It also takes work away from the administrators who should be focusing on infrastructure improvements and upgrades.”
Corbeil also agrees that having “a single console or ‘pane of glass’ can drastically reduce time and effort.”
“If each component speak to one another in a way that they can collectively identify risk or problems, then the risk mitigation will be greatly improved,” he says. Giving executives more insight on security can actually be a benefit to IT as well, he says.
Another part of McAfee’s update is “application awareness” for Risk Advisor. Cooke says that McAfee “can now see the applications that are running, whether it’s Microsoft Office or Adobe Acrobat” and report back vulnerabilities in these types of common programs.
All of this new data can empower executives and IT to make better decisions prioritizing which applications need patching first. On Patch Tuesdays, when Microsoft sends out the Windows patches for that month, “the security administrators have to look at that information and engage what the risk to their organization is and whether or not they need to patch immediately or whether they can wait to their next patch cycle.”
“The charts we give allow you to look at each one of the new vulnerabilities announced by Microsoft and give you a pie chart that says, ‘this percentage of systems are vulnerable but the rest are OK.’”
While this is a good thing, Corbeil says that it’s important that it isn’t relied on soley, because “automated fixes carry huge risk, like false positives and spoofing.”
Besides the insight this update provides, Cooke also says that there is now better integration between McAfee’s SaaS cloud-based product and the ePolicy Orchestrator. In situations where the SaaS is implemented as well as the larger ePolicy infrastructure, it’s now easier to make broad changes across the entire diversified network, keep track of all assets and identify vulnerabilities.