Securing the distributed enterprise: Are you flying blind?

As a pilot, flying an aircraft, visibility is fundamental.  In cyber security, our needs are just as fundamental: You can’t protect what you can’t see.

In the past, we relied on visibility and controls at the edge of the network – the perimeter. But today, that perimeter is dissolving, and fast. We live in a world where our workforce can operate inside and outside the boundaries of the enterprise, and as a result we’re facing new challenges.  Organizations have lost visibility, and since they can’t protect what they can’t see, they are losing control.

The cloud plays a major role in the transformation of many software segments in the IT landscape, driven by productivity improvements and by reductions in total cost of ownership.   Just look at Enterprise Resource Planning (ERP) and Enterprise File Storage as examples.  For IT Security the opportunity is twofold: we have an opportunity to drive productivity by delivering security services from the cloud, but at the same time it remains our responsibility to monitor and protect critical assets. [1] Gartner predicts that 27% of IT traffic will bypass traditional perimeters by 2021, up from only 10% today, driven by the growing adoption of SaaS services.  It’s not practical to build a security posture with each SaaS vendor, the enterprise doesn’t have the resources or tools to keep up with the variances that exist.

Our strategy at McAfee is to automate the threat-defense lifecycle by taking an integrated approach, an example is bringing together the dynamic endpoint with cloud-delivered security services in order to bring visibility and control back to the enterprise.  A deep union between the two is essential to protecting users from advanced threats and protecting data as we move forward in this growing “as-a-service” world.  Customers will benefit from richer real-time visibility and control, through integration of contextual factors that span threat detection and data protection delivered across McAfee’s data exchange layer, while being able to administer unified policies across the endpoints and the cloud.  What does this actually mean?  It means that enterprises will be able to keep more threats out, detect new ones faster, and at the same time protect data living across multiple environments.

In a blog post last week, we talked about the dynamic endpoint.  Today, let’s take a deeper look at McAfee’s strategy for cloud security services.  Users leverage the web from multiple devices to access the internet, including file storage services and SaaS applications making them prone to threats from the web and critical data at risk of leakage. By bringing advanced web security, data protection, and security management together as services delivered from the cloud, McAfee will deliver ubiquitous visibility and unified policies across a range of interrelated security technologies in order to protect users and data across an ever-changing landscape, both on and off corporate networks.  Let’s break this down into two symbiotic capabilities.

First, McAfee’s distributed cloud edge provides regional coverage, while minimizing user latency.  The architecture is global and elastic, offering coverage in more than 40 countries with the ability to spin up new instances in as little as 15 minutes as needed.  Organizations can re-direct and inspect traffic from traditional computers, mobile devices, and network devices.   As I mentioned earlier, enterprises will regain the visibility through over ten contextual factors between the endpoint and the cloud, such as the security posture of a device, source and destination of the data, risk rating of the application, web reputation, dlp classification and by tying it together will have a more complete picture.  The administrator is then able to take actions across multiple control points, traditional computers, mobile devices, cloud services and actions that span monitoring, blocking and encrypting.  By combining threat detection and data protection together, the ultimate goal is better protection, faster detection, and automated correction to deliver a better security outcome.

Second, a cloud security core to provide security management.  We have embarked on a journey towards an integrated user experience, to drive ubiquitous visibility, control and workflow automation in order to deliver better security and productivity as an outcome for our customers.  By developing the security management capabilities from the cloud, we streamline and simplify enterprise deployments.  Just think what work life would be like if you didn’t have to deploy and upgrade management software tools and could be assured that you always had the latest running.  Couple this with automation of the security workflows themselves.  Today, a security professional uses manual processes to look at the data across disparate consoles, then manually analyzes what it means in the time available, then, where actionable they define rules that are pushed to enforcement points, many times over. What if much of that could be automated through a self-learning system?  What would you do with the time you gain back?  More to come on this at a later time….

 

McAfee Cloud Security Platform

 raja-blog-photo

An integrated approach to security has many benefits for the enterprise. Below are the top differentiators for why you should consider partnering with McAfee:

  • Consolidation: Advanced Web Security, Cloud Application Visibility & Data Protection are all elements of a single solution, not four discrete solutions. Advanced Web Security is a combination of Web Security and Sandboxing, meant to protect from web threats.  Advanced Web Security powers cloud application visibility through knowledge of what users are doing, which powers cloud application visibility. Once enterprises gain back that visibility, the value moves to protecting the sensitive data.
  • The Union between Endpoint & Cloud: With over 90 Million endpoints already protected, combining them with a rich set of security services delivered from the cloud across threat detection and data protection, we are able to provide rich visibility and extensive controls in order to increase the overall security posture of an organization.
  • Management & Orchestration: McAfee ePolicy Orchestrator, is moving to the cloud, enabling security administrators to gain a unified user experience across threat detection and data protection.  By moving management to the cloud we ultimately will provide a more simplified, automated management platform across a wide array of solutions.

Leonardo Da Vinci once said, “Once you have tasted flight, you will forever walk the earth with your eyes turned skyward, for there you have been, and there you will always long to return.”  The same is true for the enterprise: we’ve tasted mobility and we’ve tasted software as service and there is no turning back.  We simply need to gain visibility and therefore control in order to help our customers improve their security posture.

Please join me and the McAfee team at FOCUS 2016 as we demonstrate to you the solutions we have been developing to automate the threat defense lifecycle.

All the best,

Raja

McAfee, the McAfee logo, McAfee® ePolicy Orchestrator® (McAfee® ePO), McAfee® ePolicy Orchestrator Cloud (McAfee Cloud ePO ) are trademarks of McAfee Corporation or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others.

 

NOTICE:  The information contained in this document is for informational purposes only and should not be deemed an offer by McAfee or create an obligation on McAfee. McAfee reserves the right to discontinue products at any time, add or subtract features or functionality, or modify its products, at its sole discretion, without notice and without incurring further obligations.  Performance achievement objectives stated throughout this document assume certain environment configurations and are only representative of what we want to achieve, not a statement of current performance.

 

1]Gartner: 5 Steps to Closing SaaS Security Gaps