McAfee is to enter the data loss protection market with software designed to guard sensitive information from unauthorised access and transfer at the network, desktop and notebook levels.
The McAfee Data Loss Prevention Host will monitor data leaving the network via e-mail, IM, printed documents, USB drives, CD-ROMs and other methods, says Vimal Solank, senior director of product marketing with McAfee. The software sends up alerts when data deemed sensitive - such as financial documents, customer information, source code or other intellectual property - is accessed, copied or sent without authorization.
McAfee said its offering differed from gateway-only products that blocked data from leaving the corporate network at the edge but can't prevent unauthorised copying from a notebook computer to a USB drive, for example.
"Our strong belief is the solution must reside where the data is," says Solanki. "The solution focuses on preventing data loss at the server, desktop and laptop."
With this new product launch, McAfee enters a young but now-crowded market of data loss protection vendors that includes Vontu , Vericept, Websense (which acquired PortAuthority in January), Oakley Networks and many others. This market is quickly growing because data loss protection, or data leak prevention as some call it, has become a significant concern for enterprises of late, says one analyst.
"Security and compliance challenges around information protection and the insider threat have evolved over the past 24 months," says Jonathan Penn, vice president and research director at Forrester Research, in a December report. "Organizations are increasingly interested in their employees' computer activity and are often more concerned about sensitive information leaving their premises than about people getting viruses through email or using the Internet inappropriately."
McAfee's Data Loss Prevention Host comes with a set of default policies that dictate what data should be considered sensitive; for example, documents marked confidential. These policies also say that, for example, email messages with more than three Social Security numbers in them should be flagged, as should all communications with the organisation's competitors, said Solanki. In addition, the software learns what specific information a company deems sensitive, taking into consideration federal, industry and corporate regulations.
Administrators could also set policies that determined what action is taken once sensitive information has been copied or sent out of the organisation, Solanki continues. Companies can have the software prevent an action from happening and gather the evidence that an attempt was made, or have a pop-up screen appear that confirms the user wants to perform the task, or simply monitor usage. Policies could vary by employee, he said.