On Tuesday we hosted our second annual SIA Developer Conference in Las Vegas, which was held in conjunction with FOCUS 09, McAfee’s user conference (more on that in a moment). As part of the Developer Conference, we awarded AirPatrol Corporation the “2009 SIA Most Innovative Partner.” We present this prestigious award annually to the SIA partner that most creatively leverages McAfee ePolicy Orchestrator (ePO) software to deliver joint customer value.  AirPatrol Corporation is leveraging the power of ePO through the integration of their Wireless Policy Manager, and we expect that our joint solution will stimulate powerful new workflows for security and compliance.

AirPatrol receives 2009 SIA Most Innovative Partner award from McAfee CEO, Dave DeWalt

FOCUS 09 was sponsored in part this year by more than 20 SIA partners who are showcasing completed or upcoming integrations. In yesterday’s SIA momentum press release, we announced that we’ve added many new partners to the program since our July 2009 announcement.  The new Associate Partners include AirTight Networks, Allen Corp. of America, Buysec, Correlog, Courion, Damballa, Evidian, Hitachi, Liquid Machines, NSSPlus, Quest Software, Tier-3 and Validity. We also added eight new Technology Partners whose integration has been inspected by McAfee, including Absolute Identification, eIQnetworks, Guardium, HBGary, Intellitactics, Prevari, Triumfant and Verdiem. Finally, we added five partners to our Sales Teaming Program from our Technology Partner ranks, and we were pleased to advance Absolute Identification, ArcSight, eIQnetworks, Intellitactics and Verdiem to this level of partnership.

While I’m really excited about the growth we’ve delivered thus far, I am even more energized by the incremental possibilities that exist.  Dave DeWalt, our President and CEO, talked about this during his keynote this morning:  as we continue to interlock our own solutions with our partner solutions, from silicon to satellite, we are creating an infrastructure that can respond much more quickly to threats, irrespective of source, location of origin, or threat vector. I believe feeding the threat intelligence information that our existing and expanding partner base captures into McAfee’s already robust threat intelligence capabilities, will not only give us tremendous operational efficiencies, but will also vastly increase the visibility of new threats and the velocity with which we can remove them.  And when our partners collect this more sophisticated information from our platforms, and continue to add their new information, we will benefit from a very interesting multiplier effect.

The Security Innovation Alliance is the leading open security platform in the industry and is proving its success in the development of interoperable security solutions.  The threats are not standing still, and neither are we.  We are always looking for new, innovative ways to help our customers solve ever-more complex problems.  And by banding together with our world-class partners, we are leading the charge in helping to make our customers more secure.

It is the Information Systems Security Association (ISSA) and its possibly holding a meeting in a location near you.

Why does this matter you ask?

Because the individuals that meet in the individual chapters around the world are literally deciding what corporations and governments worldwide do to secure their data.

Things ISSA Chapters Do:

- Technology based seminars

- Security Panel Discussions

- Security Education

- Assist government in defining standards and policy

- Share security challenges with other ISSA members

What’s the news?

Many of you may not know this, but in January of 2009 McAfee became the central hub for the Silicon Valley Chapter of the ISSA. The Silicon Valley chapter is the 7th largest ISSA chapter in the World (over 300 members). Late in 2008 the Silicon Valley chapter was looking for a new meeting place to hold their chapter meetings. After careful consideration, the ISSA board selected McAfee’s Headquarters as their meeting venue for the  duration of 2009. So far, we’ve had two excellent meetings here at McAfee and the food and meeting topics have been great.

McAfee has dedication and commitment to the security community and of course. Most recognize that becoming a thought leader not only takes technological innovation, but also good relationships and hard work with progressive minded organizations and people whose mission is also tackling today’s most challenging security problems. The ISSA is one of those progressive organizations and I am a proud participant and personally encourage others to become a part of it.

I’d like to thank ISSA board members J.J. Thompson, Harry Bing-You,  Nancy Bianco and the rest of the ISSA board for selecting McAfee for their 2009 meeting location.

Hope to see you at the next meeting!

Gartner has coined the term “consumerization” for the reality that unmanaged endpoints and consumer-based services have permanently changed the control model for IT.  Opening day 2 at FOCUS 2008, John Pescatore, VP at Gartner, predicted that this change will be one of the major challenges for security in the next two years, with specific new risks coming in social network subversion, hypervisor attacks, malicious mashups, and SOHO-based attacks.

IT security must now deal with managed systems (desktops and servers), mobile systems (laptops, smartphones, and USB devices), and remote, unmanaged access by users anywhere. At FOCUS, Pescatore discussed this challenge with executives from Intel, VMware, HP, and McAfee, and each proposed different strategies for securing this new future.

In the devices themselves, Intel plans to allow security and management to be activated at the silicon level. In this model, a chip can initiate a security scan and policy compliance check, whether or not a device is turned on. Security policies can be enforced at the lowest level to implement encryption and enforce data protection. Access control and authentication can drop from the application level into the hardware for rigorous control and remote management. For employees that never enter the office, remote services will be the only way to deliver and update protections and enforce compliance.

The Intel model assumes IT can predict and control the device used for access—and ensure it has the enabling silicon. In contrast, VMware takes the view that desktops will be virtual, using applications and data from an elastic Internet and compute cloud. So security must live in a virtual container that can enforce policies on the fly. For example, this container could control port access for applications or mandate anti-virus scans. Integrations with McAfee ePolicy Orchestrator and McAfee Endpoint Encryption are on the way to make these ideas real.

Reality will be multi-dimensional, however. Intel reminded attendees that mobile users need online and offline productivity, precluding exclusively virtual systems, and they demand a personalized user experience in both modes, so one device will never do it all.

What should IT do today? Pragmatically, Pescatore pointed out that unmanaged devices are spurring investments in network access control (NAC) technologies that can detect and defend now. He also noted that a harsh economic climate will accelerate the trend to virtualization for its cost savings. VMware suggested that the rearchitecting that happens with a virtualization rollout presents an opportunity to improve security, which is one reason it is working closely with McAfee on securing the risks common to both physical and virtual environments, as well as virtualization-specific issues such as scanning and updates of offline virtual images.

Consumerization is here to stay. The McAfee partnerships described here showed how we will enforce policies and maintain compliance even as we lose direct control of the endpoints themselves.

“McAfee had the distinction of not being given a single negative rating (a score of four or less out of 10) in the poll, including pre-and post-implementation,” Computerworld Singapore reports. McAfee took the top slot, ahead of Trend Micro and Symantec, which came in third, according to the report.

At McAfee, we obviously like good news like this. We put a lot of time and energy in making sure our customers are happy. Let’s dwell on the survey a bit more. We’re getting kudos particularly for the deployment process of our products, where customers said we did “a very good to excellent job” of meeting their needs. The competition was behind particularly in that area.

Also, Computerworld reports: “Nearly 84 percent gave McAfee high ratings for its ability to stick to project budgets, compared with 65 per cent for other vendors.” Furthermore, McAfee scored high in installation support and after-sales service.

With such a good showing, it isn’t surprising that customers say they would recommend McAfee to their peers.