SAN FRANCISCO -- Intel Corp. and its subsidiary McAfee on Friday unveiled a cloud security strategy they hope will overcome enterprise security concerns about cloud computing by bringing
The goal of the McAfee-Intel cloud computing security strategy is to “make sure, whether it’s public or private cloud, that security can be as good, if not better than, traditional enterprise security,” Jason Waxman, general manager of Intel’s cloud infrastructure group, said at a media briefing.
A survey conducted by Intel of 800 IT pros in the U.S., UK, China and Germany recently showed security remains the top cloud computing concern for enterprises, he said. Fifty-five percent said they’re concerned about a lack of data protection in public clouds and 57% said they won’t put regulated data into either public or private clouds.
Even though many large public cloud service providers do a good job with security, Waxman said, “the reality is there’s a perception” that cloud security is lacking. “If we don’t find a way to give them [cloud users] that visibility, they won’t move to the cloud,” he said.
Waxman said Friday’s event was the first time Intel and McAfee had publicly unveiled their joint work. Intel acquired McAfee in 2010 for $7.7 billion. The deal was completed last year.
The McAfee-Intel cloud security strategy encompasses data centers, the network connections and the devices that connect to cloud services. At Friday’s briefing, Waxman and Greg Brown, CTO of cloud and data center solutions at McAfee, showed how various Intel and McAfee products can help secure these three areas.
Organizations wanting to deploy applications in a public cloud environment where they don’t own the hardware need a way to audit the integrity of servers, Brown said. McAfee’s ePolicy Orchestrator security policy management software can be used to check whether a cloud server is secured with Intel Trusted Execution Technology, providing that integrity check, he said.
Waxman said McAfee Management for Optimized Virtual Environments (MOVE) AntiVirus, which provides threat protection for virtual servers and desktops, allows organizations to ensure they maintain a high level of virus scanning in the cloud data center.
On the device side, Intel and McAfee aim to reduce the risk to cloud security posed by the BYOD trend with a collection of technologies to identify users and protect data. The products include Intel Identity Protection Technology, which provides hardware-based multifactor authentication, and McAfee Cloud Identity Manager, which provides SSO and strong authentication for cloud applications such as Salesforce.com.
Intel and McAfee also are working with industry groups and standards bodies to promote cloud security standards.
Amy DeCarlo, principal analyst at Current Analysis, wasn’t at Friday’s briefing but said the companies are moving in an interesting direction. Since the acquisition, Intel and McAfee have been relatively quiet about what they were going to do together, other than speaking at a high level about embedding more security capabilities at the processor level, she said.
“Basically what they’re talking about is the ability to pull together these technologies. There’s nothing new as far as actual product but they are looking at how they can integrate these capabilities in a real world model specifically for the cloud,” DeCarlo said. “Both of them have all of the foundational technologies to do this. To pull them together not necessarily as an integrated technology solution but as a strategy could make long-term sense.”