Formulating and managing online identity and access control
A comprehensive collection of articles, videos and more, hand-picked by our editors
This past Thursday, Santa Clara-based McAfee Inc. entered the identity and access management space through something of a side door. McAfee, which is a wholly owned subsidiary of Intel Corporation, is shifting products out of the Intel portfolio.
Senior Product Marketing Manager Robert Craig said the decision to transition two products into the McAfee portfolio was made last August, "primarily because McAfee has an enterprise sales force that's used to selling software, whereas the Intel sales force is really more used to selling to manufacturers and hardware distributors. And, of course, McAfee's a very strong security brand, where Intel is more of a hardware brand."
Craig also noted that when McAfee execs looked at their overall product portfolio, "there wasn't really anything for identity."
The new McAfee identity and access management (IAM) products are:
- McAfee One Time Password: scalable multifactor authentication solution which delivers a one-time password (OTP) to any mobile device or PC.
- McAfee Cloud Single Sign-On: delivers single sign-on (SSO) for hundreds of cloud-based applications.
A point of interest with the SSO product is that it can be implemented either using an on-premises installation or as a cloud service. Furthermore, it's a "hybrid SKU," Craig said. "Customers can buy one license on the SKU and then they can apply the license to either an on-premises version or a Software as a Service (SaaS) version. Customers will be able to mix and match how they apply their licenses."
The cloud component of SSO may indeed be an increasing concern to enterprises. McAfee sponsored an Enterprise Security Group survey of 307 IT security professionals to find out more about their views on cloud security. Forty-six percent of organizations use between one and five cloud applications or services; 40% use between six and 10 cloud applications or services; and 14% use between 11 and 20 cloud applications or services today. Additionally, the number of organizations using between 11 and 20 cloud applications or services will increase from 15% to 40% over the next 12 months, the survey said.
IDC analyst Sally Hudson likes the new offerings. "McAfee is delivering a triple threat here: SSO for on-premises, SSO for SaaS/cloud and 2F software token delivery via a smart phone. Hudson thinks this should make them a very attractive choice for not only enterprises, but for independent software vendors delivering SaaS and cloud solutions, as well.
"Since many companies currently have a mix of SaaS and on-premises applications, and many more are moving to adopt SaaS within their organizations, the ability for an SSO solution to function well in both environments is ideal from a market penetration and growth perspective, she said.
Hudson also noted that there has been a general shift from hardware tokens to soft tokens as a function of cost and greater flexibility. "The ability to use one's mobile device as part of a two-factor/multifactor authentication process is very appealing to many corporations and other organizations, as it reduces cost in replacing lost hardware tokens."
As part of its identity product announcements, McAfee announced it is also creating a new McAfee Identity Center of Expertise, staffed with experts in identity and cloud security, to assist users with questions pertaining to identity and access management issues, such as architecture requirements and best practices.