If McAfee end point security products were to have visibility to physical threat, the reaction time to invoke protective actions against unauthorized exposure of confidential information would be greatly improved. Reactive actions could include the locking of the host console to an OS login screen, the dismount of encrypted storage, the issuance of an alert, or the invokaiton of deterrent actions such as an audible siren. In cases where the host were an Intel based system, leveraging features of hte AT feature set would afford additional protective actions at the hardware level, which could include host bricking, cryptokey destruction, etc.
Considering the market positioning for such a technology the appeal to hte consumer space would primarily be protecting assets from loss, whereas enterprise and public sector users would benefit from instantaneous responsive protection of confidential data either stored or accessible by the host. By integrating an active physical security technology such as the Cicada USB anti-theft / tamper platform, developed by Cicada Security Technology, as an enabling technology, McAfee and Intel would be able to deliver a level of security which no end point security vendor has been able to deliver to date across a broad hardware platform.
Deliverable benefits would include the use of the Cicada as a trigger for McAfee end point platforms
- to eliminate the need for mandatory disclosure in cases where a Cicada equipped host were stolen while logged in.
- in federated Identity environments to assure that the connecting statiuon has adequate physical securityas an authentication criteria
- In tactical environments to invoke key destruction, or host hardware disable, in the event of theft or tamper.
- centralized, real time event notification of physical threat
- dismount of mobiler USB encryption in the event of detected physical threat
- Instant interruption of secure channeled network communications between the station and a secure external host.
- Instantly activate asset recovery services the moment the asset reports physical threat.
Adding visibility to physical threat fills the gap which exists between physical restraint products such as cable lock products, and after the fact solutions such as asset recovery servies. The addiiton of an external physical threat aware technology as an external trigger affords McAfee the ability to respond to physical threat instantly.