McAfee Extends Data Protection To The Web And The Cloud

Unified Cloud Edge will make it possible for organizations to define a single data protection or threat prevention policy and have the rules applied consistently across the device, the network and the cloud.

McAfee has brought together its cloud, web and data security capabilities to better monitor everything that's happening in different cloud environments that the user could be accessing.

The Santa Clara, Calif.-based platform security vendor said Unified Cloud Edge will make it possible for organizations to define a single data protection or threat prevention policy and have the rules applied consistently across the device, the network and the cloud, according to Ash Kulkarni, executive vice president and chief product officer for McAfee's enterprise business group.

"Threats don't just stay within the perimeters anymore," Kulkarni told CRN.

[Related: McAfee In Talks About IPO That Could Raise At Least $1B: Report]

Having consistent coverage requires a very tight, integrated experience across Data Loss Prevention (DLP), Secure Web Gateway (SWG), and Cloud Access Security Broker (CASB) tools, Kulkarni said. Integrating identity and access management into the mix ensures that organizations have a single back-end point of control for the entire ecosystem, according to Kulkarni.

The single policy definition rule engine offered by Unified Cloud Edge means that businesses only have to define their rules once before having have them executed consistently across the endpoint, network, SWG and CASB, Kulkarni said.

For instance, Kulkarni said companies want to ensure sensitive files are safeguarded regardless of whether a user is attempting to move it from a local machine to a USB stick or if they're seeking to relocate it from a company OneDrive account to their personal Dropbox account.

Similarly, Kulkarni said businesses want to make sure that command and control malware websites identified through threat research aren't accessible either from a company laptop or from an employee's personal iOS or Android smartphone that's being used remotely.

Unified Cloud Edge goes beyond having businesses define their policies in one place and applying them consistently to address incident management, Kulkarni said. The offering provides customers with a comprehensive view of all their threats regardless of where they were encountered so that organizations have the ability to take action in a prioritized way, according to Kulkarni.

Businesses are covered by Unified Cloud Edge regardless of the vector through which adversaries are attempting to exfiltrate the data, according to Kulkarni. This is extremely challenging for an organization to do on its own since the potential attack vectors companies have to deal with are constantly evolving and changing, Kulkarni said.

"Using individual point products always leaves gaps," Kulkarni said.

Unified Cloud Edge massively reduces the load on security organizations by giving them a single place to go and ensure that all incidents have been dealt with appropriately, Kulkarni said.

For example, Kulkarni said a company might want to make sure that users can't in any way, shape, or form exfiltrate a file containing employee salary data. If a potentially problematic user attempted to copy that data onto a locally connected USB drive, Kulkarni said Unified Cloud Edge's DLP tool would block that from happening.

Similarly, if the user emailed the file to themselves via Office 365, McAfee's CASB product will see that the file has been flagged as sensitive by the DLP tool and prevent the email from being sent. And if the user attempted to copy the file from a local folder to an unsanctioned app such as Box, the http callout would have to go through McAfee's web gateway, which would block the action based on the DLP rules.

W. Capra Consulting Group has known for quite a while that McAfee has a good DLP product but wasn't sure where DLP fit into the company's overall go-to-market strategy, according to Matt Beale, managing partner at the Chicago-based solution provider. Integrating DLP with CASB and SWG through Unified Cloud Edge provides channel partners with a major opportunity, Beale said.

Customers that have already implemented DLP typically love it, but Beale said it's often a difficult sell due to the level of consulting that's required. Moving DLP from being offered only on-premises to now being made available as a cloud-based product is more in line with where the market is going and should increase the product's effectiveness at stopping data from leaking out of an environment, Beale said.

"We're excited to have DLP gain more traction," Beale said.