Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

McAfee Launches Security Platform for Azure Cloud

Migrating to the cloud is complex. One of the biggest concerns is a loss of visibility on data in the cloud; and this concern only grows with increasing regulatory requirements. GDPR, coming into force in less than 3 months time, is a case in point.

Migrating to the cloud is complex. One of the biggest concerns is a loss of visibility on data in the cloud; and this concern only grows with increasing regulatory requirements. GDPR, coming into force in less than 3 months time, is a case in point.

Cloud access security brokers (CASBs) can improve visibility and control, but aren’t necessarily tailored to a specific cloud. Today, McAfee announced the first product resulting from its purchase of Skyhigh Networks, finalized in January 2018: the McAfee Skyhigh Security Cloud for Azure.

“Moving applications, data and workloads to the cloud exposes enterprises to new threats and risks,” explains Rajiv Gupta, SVP of McAfee’s cloud security business unit. “At the same time, the adoption of cloud allows organizations to transform their business. This is why we are on a mission to make cloud the most secure environment for business. The introduction of McAfee Cloud Security Platform for Microsoft Azure is an important step to fulfilling this mission for our customers.”

The new product offers five particular use cases for Azure users: configuration and compliance audit, activity monitoring, threat protection, DLP, and account management.

The configuration element detects misconfigurations in any Azure account. AWS S3 bucket misconfigurations have exposed millions of sensitive records in recent years, and in some cases left the accounts vulnerable to a MITM attack dubbed GhostWriter.

Detected misconfigurations can be corrected using McAfee best practices; CIS benchmark recommendations for Azure; and compliance recommendations for HIPAA-HITECH, ISO, FedRAMP, ITAR, other regulations, or internal compliance policies. “The solution can help with an organization’s attempts to meet the GDPR regulations — that are coming into force in less than 50 working days,” said Nigel Hawthorn, EMEA marketing director at McAfee.

The activity monitoring element provides the visibility that can otherwise be lost in the cloud. It monitors both managed and unmanaged subscriptions, and captures a full audit trail of all activity. “We now have the visibility and control we need to be able to allow access to the cloud-based tools our employees need to be competitive and efficient, without compromising our security standards,” comments Rick Hopfer, CIO at Molina Healthcare.

Threat protection is provided by AI-based user behavior analytics and signature-less, advanced malware analysis. Anomalous user behavior can highlight insider threats and unwarranted privilege escalation; while McAfee anti-malware will detect malware traveling into the cloud, and identify behavior indicative of malware data exfiltration or ransomware activity.

Advertisement. Scroll to continue reading.

Data loss prevention (DLP) will help prevent unauthorized regulated data from being stored in Azure storage services — which will be critical to maintaining GDPR compliance. McAfee’s content analytics engine can be used to discover sensitive data stored in Azure services, using keywords and phrases, alpha-numeric patterns, file metadata, and more. It “allows us to extend DLP outside the perimeter and into the cloud and the user experience is seamless,” says Mike Benson, CIO at DirecTV.

Account management is provided by McAfee’s central policy engine, which aids the development of policies that can be enforced on new and pre-existing content, user activity, and malware threats. Options include the use of pre-built templates, the ability to import policies from other McAfee customers or partners, and a policy creation wizard to create custom policies to conform with corporate or regulatory requirements.

Security in the cloud is a shared responsibility between the cloud provider and the customer. It is a common failure to recognize this that leads to the misconfigurations so commonly found in AWS S3 buckets. In reality, both AWS and Azure have multiple flexible options for file and folder access — and data protection problems are often based on this flexibility. The new McAfee/Skyhigh Azure solution is designed to remove confusion and apply customer visibility and control into the Azure cloud.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.