McAfee Touts Better Endpoint Protection

McAfee today introduced a new utility as part of its ePolicy Orchestrator
that will make it easier to provide an audit trail when something inevitably
goes wrong. The security firm also unveiled a new type of USB drive designed to prevent data loss.

Separately, the company issued a listing of the most dangerous top level
domains (TLDs) that’s sure to draw some protests from China.

The two new products announced today are McAfee Policy Auditor 5.0 and
McAfee Encrypted USB. Encrypted USB marks McAfee’s entry into the hardware
space with USB flash and hard drives with special security authentication.
It’s a product that was in development by the company SafeBoot when McAfee
acquired the firm last year and is just now coming to market.

A common problem in data loss is employees putting data they shouldn’t on
the ubiquitous USB thumb drives, which routinely feature 1 GB capacity or more at the low end these days. With this device, contracted out by McAfee (NYSE: MFE) to a hardware maker, if a device is lost, the data is inaccessible.

The drives are USB 2.0-compatible with AES 256 security and the
capability of two-factor encryption. This encryption can include RSA tokens
or biometric security in addition to passwords.

“This is targeted at users who need to use USB drives, who need the
portability, but you want to protect it so if the device goes missing, the
information on it is useless because it’s all encrypted,” Chris Parkerson,
group solution marketing manager for data protection at McAfee told

There will also be support for external USB hard drives in 250GB, 500GB
and 750GB, offering the same two-factor security. The only prices available
are for the 1GB USB flash drive ($74.99) and 2GB drive ($119).

Policy Auditor 5.0 works with McAfee’s ePolicy Orchestrator, which is
used in all of McAfee’s products, including its flagship Antivirus product.
Policy Auditor 5.0 uses open security standards like XCCDF (Extensible
Configuration Checklist Description Format) and OVAL (Open Vulnerability Assessment Language).

These specs audit the computer to check what security measures have been
taken on the endpoint device, most notably the laptop, since they are more
likely to be lost than desktops. Policy Auditor runs on the clients and
sends reports to ePolicy Orchestrator, so if there is a problem, there is an
audit trail of proof that the laptop has been secured with things like drive
encryption, two-factor authentication or data backup.

Parkerson said that most data loss prevention tools secure the network,
but not the end points, and those are what often get lost. After a data
breach, an audit is done and there is no trail to show the laptop has been

“We hear from all these customers that they spent all this money on
security and still have data breaches, but they can’t prove their security
steps. As far as an auditor is concerned, it’s like you did nothing,” he

The Deadliest Domains

McAfee also released “Mapping the Mal Web Revisited,” a look at 9.9
million Web sites in 265 top-level Internet domains (TLDs). It seems tainted
food isn’t the only bad stuff coming out of China. Their TLDs need some
cleaning, too.

The report found that 19.2 percent of all .hk Web sites, the Hong Kong
TLD, had some kind of security threat to Internet users. Second on the list
was the .cn TLD, which belongs to the mainland, with 11 percent of domains
checked carrying an infection. All told, China had almost 30 percent of
infected Web sites.

Page 2 of 2

Part of the problem is that registering a domain in China is extremely
cheap and encouraged. So people register sites for pocket change and there
is very little checking. China is a growing economy but it does not have the
level of sophistication in security as Western nations do.

The top domains ranked in terms of the prevalence of dangerous downloads
are .info, the generic information domain, with 21.95%, Hong Kong at 19.2
percent, Russia’s .ro at 14.18 percent, Samoa’s .ws at 12.5 percent, the
business domain .biz at 11.64 percent and .cn at 10.75 percent.

Last year’s worst
, the tiny South Pacific island Tokelau (.tk), really cleaned up
its act. It went from first place to 28 out of 74 after revising its policy
to allow unlimited, free, anonymous registration of .tk domains.

“Vast parts of the Web are quite safe to visit, but many neighborhoods —
big ones and small ones — put every visitor at risk of an online mugging,”
said the McAfee report, which is available in PDF

News Around the Web