Intel and McAfee to Accelerate Cloud Adoption by Addressing Growing Security Challenges

News Fact Sheet from intel

As of May 4, 2012 — Cloud computing adoption continues to gain momentum as companies aim to become more agile and efficient, and strive to manage the growth in users, devices and data traffic. In fact, by 2015, Intel Corporation expects that more than 3 billion connected users and 15 billion connected devices will be driving more than 1,500 exabytes of cloud traffic. Meanwhile, IDC estimates that about 20 percent of all digital data – or 1,400 exabytes – will be stored or processed in the cloud.
However, even as cloud adoption increases to keep up with this growth, security remains a top concern as businesses determine how to best protect sensitive data while also meeting a growing range of compliance requirements.

Intel and McAfee provided insight into the security challenges facing IT as they consider cloud computing adoption, and discussed how they are helping businesses build new lines of defense through joint innovation and currently available solutions. The companies also outlined the areas that will have to be addressed in the future to make cloud computing safer and more secure.

IT Pain Points

To provide a deeper understanding of the issues facing IT, and how the industry can boost confidence in an organization’s adoption of cloud computing via better security practices, Intel recently sponsored an in-depth survey of IT professionals. Results showed that 61 percent of IT professionals are concerned about the loss of visibility in private clouds, 55 percent are concerned about lack of data protection in public clouds and 57 percent will not put data that require meeting specific compliance requirements into cloud datacenters. Respondents indicated that addressing these issues would enhance their confidence around security and accelerate the adoption of cloud computing in their companies.

The Solution: Intel and McAfee Joint Innovation

Together, Intel and McAfee are taking a holistic approach to address cloud security challenges and establish confidence in the use of private, public and hybrid clouds. The shared mission of Intel and McAfee is to enable worry-free cloud computing that is as secure as, or even more secure than, traditional, best-in-class enterprise IT security. Both companies are focused on four areas to deliver better security for cloud environments while also enabling a broad range of open, interoperable security solutions via industry collaboration. These include securing cloud data centers, securing the network connections, securing the devices that connect to cloud services and accelerating the development of unified standards for cloud security.

Securing Cloud Datacenters

Challenge: Today, IT managers have a high degree of control over their traditional enterprise data centers, which are bolstered by mature security tools and processes to monitor systems and perform necessary auditing to meet compliance requirements. With cloud infrastructure, IT equipment is typically virtualized and shared across multiple lines of business or even multiple organizations, resulting in reduced control of and visibility into the infrastructure security capabilities compared to traditional enterprise IT. These challenges are further amplified when using off-premise public cloud infrastructure which is managed by third parties. In addition, performing audits across private and public cloud data centers is complex, making it difficult to meet specific compliance requirements, thus lowering confidence in security.

Solution: Intel and McAfee’s focus is on improving the integrity of the infrastructure while focusing on protecting data, and delivering capabilities to make it easier to audit cloud environments to meet compliance requirements. For example, McAfee ePolicy Orchestrator (McAfee ePO) software provides consistent security-policy management across physical, virtual and cloud environments. Via custom integration, McAfee ePO software can be used to enforce policies in cloud data centers to determine, for example, whether Intel® Trusted Execution Technology (Intel® TXT) has been run or not. Intel® TXT is a hardware security solution that helps protect IT infrastructures against software-based attacks by validating the integrity of key components within an Intel® Xeon® processor E5 family-based server at startup. Other technologies available today include McAfee® Management for Optimized Virtual Environments AntiVirus (McAfee® MOVE AntiVirus), which delivers improved anti-malware and threat protection performance and resource utilization for virtual desktops and servers, and McAfee Application Control, which proactively mitigates the risk of data breaches, targeted attacks and unplanned downtime through ensuring only authorized code runs.
Future Intel and McAfee developments are expected to broaden and strengthen data protection, security enforcement and auditability across cloud infrastructures.

Securing the Connections

Challenge: Two major concerns that companies have when considering cloud computing are the possibility of data loss and the ability to restrict access to information. Users with multiple or weak passwords are a potential security hazard, and the risks and costs associated with multiple passwords are particularly relevant for any large organization leveraging cloud-based applications. Meanwhile, email and Web traffic flowing between remote offices and mobile devices used by employees can be a significant source of data leakage.

Solution: The McAfee® Cloud Security Platform improves security by protecting data, email, Web traffic and identities which are being transferred between devices and data centers.
With the McAfee Cloud Security Platform, IT departments can restrict information access by extending and applying access and security policies into the cloud. The McAfee Cloud Security

Platform takes advantage of the unique McAfee Global Threat Intelligence™ (McAfee GTI) technology to provide real-time protection against known and emerging threats. With visibility across all key threat vectors — file, Web, email and network — and a view into the latest vulnerabilities across the IT industry, McAfee correlates real-world data collected from millions of sensors around the globe to deliver the comprehensive protection for cloud connections.
In the future, the McAfee Cloud Security Platform will evolve to better protect cloud infrastructure via integrity assessments, provide asset control and protection, and enable broader auditing and network security capabilities.

Securing the Devices

Challenge: The explosive growth of devices, combined with trends such as “BYOD – Bring Your Own Device,” is creating new challenges for cloud security. These include complex identity management in which employees are managing, on average, 12 user name/password combinations, new forms of malware and a growing range of online attacks requiring new and improved levels of security for devices accessing cloud services.

Solution: To reduce these risks, Intel and McAfee are improving security of devices, such as desktops and notebooks, by protecting data and restricting access to data and applications. McAfee® Deep Defender, a joint solution developed by McAfee and Intel, represents the next generation of hardware-enhanced endpoint security. Enabled by McAfee® DeepSAFE™ technology, McAfee Deep Defender provides hardware-enhanced security that uses Intel® Virtualization Technology (Intel® VT) built into Intel® Core® i3, i5 and i7 processors to detect and delete, in real-time, low-level threats that are difficult to detect with traditional operating system (OS)-based security techniques. To further enhance identity management across clouds, McAfee® Cloud Identity Manager, which is part of the McAfee Cloud Security Platform, provides on-premise, comprehensive software-based access control for cloud applications using enterprise identities, or Intel Cloud SSO (single-sign on) provides “identity as a service” solution in the cloud. Intel® Identity Protection Technology provides additional hardware-enhanced security technology that is difficult to tamper with and goes beyond user name and passwords to provide a second factor of authentication.
Future developments will focus on advancements in data and identity protection for devices accessing cloud services.

Ecosystem Collaboration to Drive Industry Standards & Enable Security Solutions

Intel and McAfee are engaged with several industry standards bodies, including the Cloud Security Alliance and Open Data Center Alliance, to accelerate more consistent cloud security standards. In addition, both companies are working with a broad range of systems and software providers to enable open, interoperable solutions for cloud security so that IT can more easily deploy solutions to strengthen cloud security. Through the Intel Cloud Builders program, more than 50 partners are collaborating with Intel and more than 130 hardware and software partners are delivering security solutions as part of the McAfee Security Innovation Alliance.

Now and Moving Forward

Intel and McAfee have a shared, multi-year mission to enable highly secure cloud computing over time to ensure that for any given workload running on any connected infrastructure, IT departments can know that:

  • Data, applications and infrastructure are secure.
  • Corporate compliance requirements are automatically met.
  • Corporate security policies are automatically applied throughout the workload lifecycle.
  • Solutions provide 24/7 reporting and are easy to implement.
    With hardware-enhanced security technologies, plus software solutions and services available from Intel and McAfee, along with solutions enabled with a broad ecosystem of partners, companies can start building a secure foundation today on a path toward worry-free cloud security of the future.

Blowfish12@2012 Author: Intel | McAfee Source: newsroom.intel.com

Advertisements

Top 5 Anti-virus for Android

 

The field of technology these days is very much inclined towards the mobile phone market, with many new mobile brands being launched, and the already established ones introducing better functional smartphones which are capable of performing various human activities.

Why the need for Anti-virus on your mobile phone?

Versatility and diversity is being provided by the cell phone companies, but with these highly functional gadgets, we need to be very responsible with the information we carry with it. Mobile phones and tablets have started replacing many electronic gadgets these days, and in the near future we expect financial information also to be stored in them. To secure important data one needs n Anti-virus on his phone. If you have an Android phone, the top 5 anti-virus for Android phones are listed below.

Android antivirus apps

ESET Mobile Security

This anti-virus is famous for the Symbian and Windows enabled mobile phones, but it has also released a version for Android which has been successful to impress the Android enabled phone users, thus making its way to the top 5 anti-virus for Android list. The anti-virus engine of ESET is combined with antispam and antitheft which are very efficient in providing protection in real time for all the threats which an Android phone may face. The battery life and performance preserving aspect of the ESET mobile security is a plus point to have.

Kaspersky Mobile Security 9

This version is one of the latest launches by Kaspersky for mobile device security, available for the Android users also. It supports Android operating system 1.6 to 2.3 version. Because of the various privacy protection benefits, antitheft facilities and many other security benefits, it has made its way up to the top 5 anti-virus for Android phones.

McAfee Mobile Security

This anti-virus is well-known to serve the business enterprises the best with its “McAfee Enterprise Mobility Management”. A company can have the mobile devices of their employees secured and also offer them the access to the corporate applications on their mobile devices. This mobile security is being used extensively in the corporate world because of its unique security solutions designed for the corporate world.

Norton Smartphone Security

The key technologies which have enabled this anti-virus software to be among the top 5 anti-virus for Android are:

  • SMS Antispam: Blocking messages from an unknown sender
  • Antivirus protection
  • Firewall

Norton has other features and benefits which provide total security to the mobile devices and ensure that no worms, virus or even spyware remains among the various files, applications and file archives in the mobile phone.

Bitdefender Mobile Security

This mobile anti-virus software can only be used by the Android users only at present. It is not found to be supporting any other operating system. This software is obtainable in the Android market free of cost at present. It used to be a paid service but is offered for free at present; which could change anytime. Its special features exclusive for Android phones enables it to be a part of the top 5 anti-virus for Android list.

Top 5 Small Antivirus for USB Flash Drives

 

USB Flash Drives play the biggest role in transferring viruses from one computer to another. This is really annoying and we all face this when we move data through flash drives. The famous autorun.inf  virus is the one that is usually found in flash drives which is executed as soon as it’s attached and opened. This type of virus is not harmful but annoying as it copies itself to all permanent drives of a system.

Even after tight security through Antivirus Software this nifty little virus manages to enter most of the time without being detected. But there’s a solution for this – dedicated application to monitor and stop these flash drive viruses in real time.

The list below is of 5 best of those small antivirus applications which are specially developed to stop any type of USB worms. All of these are light weight, automatic and can be run in parallel with standard and full antivirus and do not slow down your computer at all.

Naevius USB Antivirus 2.1

A very popular and small antivirus. Naevius USB Antivirus is a tool which protects all your your pen drive fromautorun-viruses. Takes a very little space in memory and scans the drives in real time.

Download


TrustPort U3 Antivirus 2010 5.0

TrustPort U3 Antivirus is designed specifically for the protection of U3 smart drives. When installed on the U3 smart drive, it continuously monitors files being copied to the drive, so that no malicious codes can be stored on it. On-access protection is further supplemented with on-demand scanning.

The user can scan files, folders or drives on the host computer. If an infected file is found, it will be handled according to user settings. It can be renamed, moved to quarantine or deleted. To ensure the highest level of security, the software udergoes regular updates from the internet.

Download


USB Flashdrive Autorun Antivirus 1.0

USB Flash Drive Autorun Antivirus automatically detects, closes and deletes the virus from your drive. The software provides future protection by immunizing the system; by installing special autorun file which virus can’t delete.

Comes with multiple inbuilt tools like Task Manager to manage running programs, Autorun Suppressor to temporarily disable autorun while inserting the drive and System repair feature to repair system functions broken by a virus. It doesn’t require any signature updates so it is perfect for offline computers.

Download


USB Drive Antivirus 3.0

USB Drive Antivirus provides 100% protection which scans automatically, block and delete USB virus, trojans, and malicious code. It also works for Memory cards.

Download


USB Drive Antivirus

Another very popular but not so user friendly of all. But detects malicious files at good speed. Scanning options are not limited to USB drives – you can scan hard drives too.

Download

Check whether your antivirus is good

 

Additional notes:

  1. This file used to be named ducklin.htm or ducklin-html.htm or similar based on its original author Paul Ducklin and was made in cooperation with CARO.
  2. The definition of the file has been refined 1 May 2003 by Eddy Willems in cooperation with all vendors.
  3. The content of this documentation (title-only) was adapted 1 September 2006 to add verification of the activity of anti-malware or anti-spyware products. It was decided not to change the file itself for backward-compatibility reasons.

Who needs the Anti-Malware Testfile

(read the complete text, it contains important information)
Version of 7 September 2006

If you are active in the anti-virus research field, then you will regularly receive requests for virus samples. Some requests are easy to deal with: they come from fellow-researchers whom you know well, and whom you trust. Using strong encryption, you can send them what they have asked for by almost any medium (including across the Internet) without any real risk.

Other requests come from people you have never heard from before. There are relatively few laws (though some countries do have them) preventing the secure exchange of viruses between consenting individuals, though it is clearly irresponsible for you simply to make viruses available to anyone who asks. Your best response to a request from an unknown person is simply to decline politely.
A third set of requests come from exactly the people you might think would be least likely to want viruses “users of anti-virus software”. They want some way of checking that they have deployed their software correctly, or of deliberately generating a “virus incident in order to test their corporate procedures, or of showing others in the organisation what they would see if they were hit by a virus”.

Reasons for testing anti-virus software
Obviously, there is considerable intellectual justification for testing anti-virus software against real viruses. If you are an anti-virus vendor, then you do this (or should do it!) before every release of your product, in order to ensure that it really works. However, you do not (or should not!) perform your tests in a “real” environment. You use (or should use!) a secure, controlled and independent laboratory environment within which your virus collection is maintained.

Using real viruses for testing in the real world is rather like setting fire to the dustbin in your office to see whether the smoke detector is working. Such a test will give meaningful results, but with unappealing, unacceptable risks.
Since it is unacceptable for you to send out real viruses for test or demonstration purposes, you need a file that can safely be passed around and which is obviously non-viral, but which your anti-virus software will react to as if it were a virus.

If your test file is a program, then it should also produce sensible results if it is executed. Also, because you probably want to avoid shipping a pseudo-viral file along with your anti-virus product, your test file should be short and simple, so that your customers can easily create copies of it for themselves.
The good news is that such a test file already exists. A number of anti-virus researchers have already worked together to produce a file that their (and many other) products “detect” as if it were a virus.
Agreeing on one file for such purposes simplifies matters for users: in the past, most vendors had their own pseudo-viral test files which their product would react to, but which other products would ignore.

The Anti-Malware Testfile
This test file has been provided to EICAR for distribution as the “EICAR Standard Anti-Virus Test File”, and it satisfies all the criteria listed above. It is safe to pass around, because it is not a virus, and does not include any fragments of viral code. Most products react to it as if it were a virus (though they typically report it with an obvious name, such as “EICAR-AV-Test”).

The file is a legitimate DOS program, and produces sensible results when run (it prints the message “EICAR-STANDARD-ANTIVIRUS-TEST-FILE!”).
It is also short and simple – in fact, it consists entirely of printable ASCII characters, so that it can easily be created with a regular text editor. Any anti-virus product that supports the EICAR test file should detect it in any file providing that the file starts with the following 68 characters, and is exactly 68 bytes long:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

The first 68 characters is the known string. It may be optionally appended by any combination of whitespace characters with the total file length not exceeding 128 characters. The only whitespace characters allowed are the space character, tab, LF, CR, CTRL-Z. To keep things simple the file uses only upper case letters, digits and punctuation marks, and does not include spaces. The only thing to watch out for when typing in the test file is that the third character is the capital letter “O”, not the digit zero.
You are encouraged to make use of the EICAR test file. If you are aware of people who are looking for real viruses “for test purposes”, bring the test file to their attention. If you are aware of people who are discussing the possibility of an industry-standard test file, tell them about http://www.eicar.org, and point them at this article.

For additional information and test file downloads click here.