McAfee today introduced a new utility as part of its ePolicy Orchestrator
that will make it easier to provide an audit trail when something inevitably
goes wrong. The security firm also unveiled a new type of USB drive designed
to prevent data loss.
Separately, the company issued a listing of the most dangerous top level
domains (TLDs) that’s sure to draw some protests from China.
The two new products announced today are McAfee Policy Auditor 5.0 and
McAfee Encrypted USB. Encrypted USB marks McAfee’s entry into the hardware
space with USB flash and hard drives with special security authentication.
It’s a product that was in development by the company SafeBoot when McAfee
acquired the firm last year and is just now coming to market.
A common problem in data loss is employees putting data they shouldn’t on
the ubiquitous USB thumb drives, which routinely feature 1 GB capacity or
more at the low end these days. With this device, contracted out by McAfee
(NYSE: MFE) to a hardware maker, if a device is lost, the data is
The drives are USB 2.0-compatible with AES 256 security and the capability
of two-factor encryption. This encryption can include RSA tokens or biometric
security in addition to passwords.
“This is targeted at users who need to use USB drives, who need the
portability, but you want to protect it so if the device goes missing, the
information on it is useless because it’s all encrypted,” Chris Parkerson,
group solution marketing manager for data protection at McAfee told
There will also be support for external USB hard drives in 250GB, 500GB
and 750GB, offering the same two-factor security. The only prices available
are for the 1GB USB flash drive ($74.99) and 2GB drive ($119).
Policy Auditor 5.0 works with McAfee’s ePolicy Orchestrator, which is used
in all of McAfee’s products, including its flagship Antivirus product. Policy
Auditor 5.0 uses open security standards like XCCDF (Extensible Configuration
Checklist Description Format) and OVAL (Open Vulnerability Assessment
These specs audit the computer to check what security measures have been
taken on the endpoint device, most notably the laptop, since they are more
likely to be lost than desktops. Policy Auditor runs on the clients and sends
reports to ePolicy Orchestrator, so if there is a problem, there is an audit
trail of proof that the laptop has been secured with things like drive
encryption, two-factor authentication or data backup.
Parkerson said that most data loss prevention tools secure the network,
but not the end points, and those are what often get lost. After a data
breach, an audit is done and there is no trail to show the laptop has been
“We hear from all these customers that they spent all this money on
security and still have data breaches, but they can’t prove their security
steps. As far as an auditor is concerned, it’s like you did nothing,” he
The Deadliest Domains
McAfee also released “Mapping the Mal Web Revisited,” a look at 9.9
million Web sites in 265 top-level Internet domains (TLDs). It seems tainted
food isn’t the only bad stuff coming out of China. Their TLDs need some
The report found that 19.2 percent of all .hk Web sites, the Hong Kong
TLD, had some kind of security threat to Internet users. Second on the list
was the .cn TLD, which belongs to the mainland, with 11 percent of domains
checked carrying an infection. All told, China had almost 30 percent of
infected Web sites.