Monday, March 15, 2010

McAfee Debuts Cloud Secure Program for SaaS Providers

McAfee announced a new Cloud Secure program for helping Software-as-a-Service (SaaS) providers add security to their cloud deployments. The program combines cloud security certification services with automated auditing, remediation and reporting capabilities provided by McAfee. Amazon Web Services (AWS) and SuccessFactors, a leading SaaS provider are expected be amongst the first providers to leverage the new program.

The McAfee Cloud Secure program includes:

  • Cloud Security Certification Services: McAfee will partner with leading Certification delivery vendors to provide Certification services tailored for SaaS and Cloud vendors. The certification services, which are provided on an annual basis, will include existing security controls, processes and certifications, as well 0as future Cloud security standards.

  • Automated Auditing, Remediation & Reporting: Coupled with Certification, McAfee performs automatic and daily security audits, remediation of vulnerabilities and reporting of the security status of their service and network using the McAfee Cloud Secure service. Cloud vendors who pass the daily scan and other checks receive a "McAfee SECURE" trustmark, providing credible, third party validation to be used on their solutions and in customer-facing marketing collateral.

  • Security Credibility: The McAfee Cloud Secure program will leverage the trusted McAfee SECURE technology and trustmark. Currently, the McAfee SECURE trustmark appears on more than 80 thousand websites worldwide. With more than 80 billion touch points, the McAfee SECURE trustmark gives users confidence when doing business with a McAfee SECURE customer. McAfee Cloud Secure combines rigorous security testing, business practice review, compliance certification, and ongoing vulnerability evaluation for Cloud vendors.

McAfee plans to build on the program by leveraging its comprehensive SaaS portfolio of Cloud-based security services along with its unrivaled Global Threat Intelligence network, helping make the broader cloud-computing ecosystem more safe and secure.