McAfee Buys Onigma

The security software maker introduces an initiative to help simplify and centralize management of apps.

McAfee on Oct. 16 launched a new corporate strategy aiming to help companies integrate their IT defenses for fighting external attacks and for managing internal compliance. Part of that expanded effort is a $20 million buyout of data leak prevention software maker Onigma. The purchase was announced the same day as McAfees strategy launch.

Officials with McAfee said customers are increasingly looking for ways to integrate technologies for preventing outside attacks from threats such as malware with tools used to maintain compliance with government and corporate security regulations.

To meet this demand, McAfee introduced a new companywide initiative to help companies simplify and centralize management of security applications. The buy of Onigma is part of the initiative.

Onigmas software monitors data usage for unusual behavior and reports potential information theft or misuse to authorities to prevent confidential data from leaving companies.

The deal already has been completed. McAfee immediately integrated Onigmas content-based data loss prevention technology, announcing a new host-based information leakage prevention product dubbed McAfee Data Loss Prevention. The package is designed to protect against the unauthorized transfer of data within or outside networks.

The product boasts the ability to protect information from unauthorized use by disallowing sensitive data from being copied and pasted from one file format into another, taken via screen capture, or saved into .zip files and encrypted.

The software also prevents inappropriate transmission of protected data between laptops and portable storage devices. McAfee also has integrated the application set with its Secure Messaging Gateway to prevent data loss on mobile devices.

McAfee officials said the acquisition is vital to the companys broader risk management strategy because many companies that have installed data leakage prevention tools at their network gateways are also seeking host-based technologies such as Onigmas—use of which is the only way to provide the most comprehensive form of data protection, said Vimal Solanki, senior director of product marketing at McAfee.

In addition to the Onigma buyout, McAfee said the technologies garnered via its recent acquisitions of Preventsys and SiteAdvisor, as well as its pending deal to take over Citadel Security Software, give it an industry-leading capability to integrate threat prevention with compliance management technologies for enterprises.

As part of its new strategy, McAfee will look to market more of its traditional anti-virus, intrusion prevention and anti-spyware products together with the compliance management capabilities gained through its buyout spree, which include policy enforcement, vulnerability remediation, NAC (network access control), systems auditing and data loss prevention.

One analyst said McAfees buyout and move into the data leakage prevention market come at an opportune time, as interest in the technologies and vendor consolidation in the space continue to increase.

"There is definitely a tie between leak prevention and compliance, so it makes sense that McAfee would jump into this space, [as] it fits with their recent interest in control and compliance," said Richard Stiennon, an analyst with IT-Harvest, in Birmingham, Mich., in a research note. "Of course, acquiring a leak prevention company is one-third of executing on a data protection strategy. [Other] potential targets for acquisition [may include] Entrust for encryption, or Safend."