Security Market Segment LS
Wednesday, 26 June 2019 17:31

Be data-centric to secure the cloud: McAfee exec

McAfee MVision Cloud Asia Pacific regional director Joel Camissar McAfee MVision Cloud Asia Pacific regional director Joel Camissar

"Organisations are still struggling with the rapid move to the cloud," McAfee MVision Cloud Asia Pacific regional director Joel Camissar told iTWire, but taking a data-centric view to protecting information makes it easier.

While most cloud data is within the control of IT departments (eg, in Office 365, Workday or Slack, or in applications running on IaaS), only 36% of organisations say they can enforce data protection in the cloud.

Since business units can adopt cloud services without input from the IT department, a first step is to gain visibility of shadow IT. "Without visibility, it is hard to enforce controls," Camissar observed.

This could be achieved with security platforms such as McAfee's, for example by observing network traffic patterns.

Then IT could talk to the relevant business unit along the lines of "OK, you're using this product, but what are the associated risks?" and recommend appropriate controls. Cloud security is a shared responsibility, he noted.

For example, financial services organisations may find that using collaboration software increases agility, allowing new products to reach the market more quickly. But such software also increases the risk of data leaks unless appropriate controls are applied.

These controls could be applied via a cloud access security broker such as MVision Cloud, which is based on technology that came with McAfee's 2018 acquisition of Skyhigh Networks. But only about one-third of organisations already have such a system in place, Camissar said.

There are also cost considerations. He described the case of a manufacturing company that discovered tens of different file-sharing applications were in use around the organisation. An analysis of data stored in the expenses system revealed that investing in a single, secure file-sharing service would save money as well as reducing risks.

MVision Cloud works with McAfee's on-premises data loss prevention software to ensure the consistent application of policies. For example, if someone tries to send a shared link from Office 365, the software examines the linked file so that the DLP measures are applied just as if it was sent as an attachment.

And where employees may need to download reports from SaaS systems for offline use, McAfee's security products can be used to apply digital rights management as a way of allowing only legitimate users to open the documents.

This isn't just about defending against malicious activity. Research has revealed a significant number of cases where sensitive information had been inadvertently emailed to the wrong people.

Other capabilities include checking security settings, for instance, to ensure that AWS S3 storage buckets haven't been left open for public inspection.

Organisations previously had to choose between moving rapidly to the cloud, or doing it securely, Camissar said. But thanks to products such as the MVision family, both goals could now be achieved simultaneously.


You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer


QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.



iTWire can help you promote your company, services, and products.


Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email andr[email protected]


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments