McAfee is taking a swing at securing cloud environments with a new service aimed at software-as-a-service providers.
Dubbed the McAfee Cloud Secure program, the service is essentially designed to compliment annual audits of security and process controls many cloud vendors undergo for certification purposes. With McAfee Cloud Secure, McAfee officials said they will partner with certification providers and offer an additional layer of security by providing a daily scan of application, network perimeter and infrastructure vulnerabilities.
Those that pass will receive a “McAfee SECURE” stamp of approval.
Securing cloud environments was one of the big topics at the RSA security conference earlier this month. According to a survey by IDC on attitudes towards the cloud, 87.5 percent of participants said security concerns were the most significant challenges to cloud adoption.
“SAAS vendors have a difficult time convincing prospects that their services are secure and safe,” said IDC analyst Christian Christiansen in a statement.
The McAfee offering is a step in the right direction however, he said.
While McAfee and other vendors have talked in the past about providing security from the cloud, this announcement marks an example of a growing focus in the industry on providing solutions to secure cloud environments themselves.
“McAfee looks at the cloud really from three different angles, which is security from the cloud, in the cloud and for the cloud,” explained Marc Olesen, senior vice president and general manager of McAfee’s software-as-a-service business, in an interview with eWEEK.
“What’s really been out there today are (annual) process certification audits…that address the process controls and security controls that cloud providers have in place,” Olesen said. “This has typically been an ISO -27001 certification or an SAS-70 certification that cloud providers are using, and we feel that that’s very important, but it’s just a start.”