North American Regulations

Comply with government and industry-specific mandates

Next Steps:

Overview

McAfee solutions help you establish and prove compliance with the ever-expanding number of industry and government regulations. With McAfee, you can build a sustainable, unified approach to the controls required for compliance with the North American regulations protecting private, financial, and other sensitive data, such as:

  • 21 CFR Part 11 (FDA)
  • California AB 1950
  • California SB 1386
  • Fair & Accurate Credit Transactions Act (FACTA)
  • Fair Credit Reporting Act (FCRA)
  • Federal Energy Regulatory Commission (FERC)
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability & Accountability Act (HIPAA)
  • Payment Card Industry Data Security Standards (PCI DSS)
  • Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Sarbanes-Oxley Act (SOX)

Because regulations often leave room for interpretation, and many organizations are subject to five or more overlapping regulations, McAfee helps unify the controls required to secure your business and demonstrate compliance, mapping to a common, consistent set of controls. This consolidated view saves you effort and moves you toward an optimized security architecture.

McAfee’s endpoint-to-network portfolio gives you broad coverage over data loss, insider threats, access gaps, and malicious attacks. We help you understand where your regulated data is located, and how to implement policies and controls to protect it. Reporting templates help you generate the paperwork required for proof. Through automation and integration, you regain time you can direct to your core business initiatives.

Key Benefits

  • Consolidate control across multiple regulatory and business demands
    Map your requirements to industry best practices and streamline controls to gain a common set of requirements and a unified action plan.
  • Make compliance easier with fewer vendors to manage
    Access the industry’s broadest coverage across technical and policy requirements, consolidating endpoint, network, and cloud-based controls, and making it easier to comply with industry, federal, and state regulations. Tap the McAfee Security Innovation Alliance ecosystem for extended coverage.
  • Save time and enhance accuracy with automated tasks
    Avoid time-consuming ad hoc processes and eliminate errors with McAfee’s automated scanning, audits, remediation, enforcement, and reporting.
  • Assess risks and prioritize remediation — automatically
    Find and prioritize problems on your endpoints and networked systems, then correlate vulnerability, violation, asset, and countermeasure data to apply limited resources for maximum compliance return.
  • Enjoy simplified, centralized compliance reporting
    Improve data gathering and reporting for compliance with standardized templates that compile data across agent-based and agentless systems for a complete picture. Customize reports to suit executives and auditors.
  • Consolidate your view across IT controls
    Work from a single McAfee ePolicy Orchestrator (ePO) management platform to gain visibility across IT controls and PCI requirements — and reduce the headaches, expense, and delays associated with separate products.
  • Save time and trouble with automated policy definitions
    Assess and map IT controls to regulatory guidelines with automated, industry-leading policy templates.
  • Avoid data loss with outbound email controls
    Use predefined dictionaries (English only) and heuristics to automatically scan email for financial and private information. Block, monitor, or encrypt messages based on policy to ensure compliance.

Customer Stories

Abtran

McAfee security risk management solutions help Abtran meet clients’ increasing security requirements.

Highlights
  • Provided multiple layers of security risk management protection for Abtran’s clients
  • Reduced IT hours spent supporting, administering, and monitoring endpoint security
  • Cut time to produce weekly security reports from three or four hours to less than two minutes
  • Migrated easily and seamlessly from existing anti-virus solutions

DSM

DSM enlists McAfee to strengthen enterprise network security control and compliance.

Highlights
  • Provided full visibility into network traffic and connected systems
  • Simplified patch management
  • Improved compliance with regulations and policies
  • Increased efficiencies for significant cost savings

DTS Systeme GmbH

With McAfee Enterprise Security Manager it is possible for DTS to get a current, real-time overview of the security situation while offering the necessary scalability.

Highlights
  • Faster detection of risks
  • Targeted and faster reaction to potential risks
  • Reduction of administrative expenses
  • 50% less time required for security event management

Idaho State Tax Commission

Idaho State Tax Commission chooses McAfee to embed security in a new network infrastructure.

Highlights
  • Identified vulnerabilities and blocked threats
  • Delivered reliable endpoint protection
  • Enabled compliance with National Institute of Standards and Technology (NIST) security guidelines
  • Provided support for the commission’s defense-in-depth security strategy
  • Helped increase security awareness among network users

PAETEC

Telecommunications provider PAETEC watches sales skyrocket with managed service based on McAfee Network Security Platform.

Highlights
  • Protected against emerging threats even before installation of new signatures
  • Delivered excellent performance and reliability to PAETEC customers, who enjoy thorough and timely protection against threats without IT infrastructure burdens
  • Differentiated against offerings from competitors
  • Contributed to an already strong revenue stream and grew to emerge as the fastest growing area of PAETEC’s business

Products

Data Protection

McAfee Total Protection for Data Loss Prevention
McAfee Total Protection for Data Loss Prevention

McAfee Total Protection for Data Loss Prevention (DLP) safeguards intellectual property and ensures compliance by protecting sensitive data wherever it lives – on the network, in storage systems or at the endpoint, while saving time and money with centralized deployment, management, and reporting.

McAfee Complete Data Protection — Advanced
McAfee Complete Data Protection — Advanced

McAfee Complete Data Protection — Advanced offers strong encryption, authentication, data loss prevention, and policy-driven security controls to help block unauthorized access to your sensitive information — anytime, anywhere.

Email & Web Security

McAfee Content Security Blade Server
McAfee Content Security Blade Server

McAfee Content Security Blade Server protects enterprise networks from spam, malware, and other intrusions with a single, high-performance solution. Based on next-generation blade server architecture, Content Security Blade Server reduces IT costs, cuts complexity, and easily scales by inserting additional scanning blades to address future capacity requirements.

Endpoint Protection

McAfee Host Instrusion Prevention for Desktop
McAfee Host Intrusion Prevention for Desktop

McAfee Host Intrusion Prevention for desktop helps keep your business safe and productive by monitoring and blocking unwanted activity with a comprehensive three-part threat defense — signature analysis, behavioral analysis, and system firewall — all easily managed from one central console, the McAfee ePolicy Orchestrator (ePO) platform.

McAfee Host Instrusion Prevention for Serverrver
McAfee Host Intrusion Prevention for Server

McAfee Host Intrusion Prevention for Server delivers protection from complex threats instigated by cybercrooks. It helps you maintain business uptime by protecting critical corporate assets, including servers, applications, customer information, and databases.

Network Security

McAfee Firewall Enterprise
McAfee Firewall Enterprise

McAfee Firewall Enterprise is a next-generation firewall that restores control and protection to your network.

McAfee Network Security Platform
McAfee Network Security Platform

McAfee Network Security Platform is the industry’s most secure network intrusion prevention system (IPS). Backed by McAfee Labs, it protects customers on average 80 days ahead of the threat. It blocks attacks in real time, before they can cause damage, and protects every network-connected device. With Network Security Platform, you can automatically manage risk and enforce compliance — while improving operational efficiency and reducing IT efforts.

McAfee Network User Behavior Analysis
McAfee Network User Behavior Analysis

McAfee Network User Behavior Analysis delivers real-time visibility into what users are doing on your network and how they are using critical business applications. This intuitive view provides the decision support information you need to reduce risk and meet compliance requirements. Automated monitoring, based on packet capture, as well as analysis and instant correlation to security policy, dramatically increase accuracy and reduce the time and effort required to detect behavioral anomalies.

Risk & Compliance

McAfee Total Protection for Compliance
McAfee Total Protection for Compliance

McAfee Total Protection for Compliance makes compliance easy with the industry’s first integrated solution for vulnerability management, compliance assessment and reporting, and comprehensive risk management.

McAfee Application Control
McAfee Application Control

McAfee Application Control ensures only trusted applications run on servers and endpoints. It reduces risks from unauthorized software, boosts endpoint control, extends the viability of fixed-function systems without impacting performance, and lowers operating costs.

McAfee Change Control
McAfee Change Control

McAfee Change Control enforces change policies and provides alerts to file integrity issues, while providing options to easily block unauthorized changes to critical system files and directories.

McAfee Policy Auditor
McAfee Policy Auditor

McAfee Policy Auditor automates data gathering and assessment processes required for internal and external system-level IT audits.

McAfee Vulnerability Manager
McAfee Vulnerability Manager

McAfee Vulnerability Manager finds and prioritizes vulnerabilities and policy violations on your network. It balances asset criticality with vulnerability severity, enabling you to focus protection on your most important assets.

Services

Data Loss Prevention Assessment

Detect and prevent the unauthorized transmission or disclosure of sensitive information. McAfee Foundstone reduces your risk of exposure by identifying sensitive data copied or currently in transit from its original intended container.

Incident Management Check

Build a better, more effective incident response and management program. McAfee Foundstone analyzes the gaps in your incident management program and offers recommendations to improve your emergency response protocol.

Regulatory & Compliance Check

Meet information security compliance requirements. McAfee Foundstone assesses gaps in your organization’s regulatory and compliance status and makes next-step recommendations.

Vulnerability Management Check

Assess your vulnerability management program. McAfee Foundstone analyzes the gaps in your program to ensure you have the right balance of people, process, and technology.

Resources

White Papers

Strategies to Mitigate Targeted Cyber Intrusions McAfee Capabilities

Strategies to mitigate targeted cyber institutions are mapped to McAfee capabilities — addressing the Top 35 Mitigation Strategies from the Australian Defence Signals Directorate (DSD).

Community

Blogs

  • Shedding light on ‘Shadow IT’
    David Small - January 9, 2014

    BYOD, BYOA, BYOx. The IT industry is full of acronyms depicting its constant evolution and relationship with the professional world. First came the devices; employees saw the power of personal devices and insisted on using them in the workplace. And so the consumerisation of IT was born. After the devices came the apps. Companies reported […]

    The post Shedding light on ‘Shadow IT’ appeared first on McAfee.

  • Walking the Talk on Public-Private Partnerships
    Tom Gann - August 16, 2013

    There’s been a lot of talk about the value of public-private partnerships in moving the U.S. toward a more robust cyber security posture. And let’s be honest:  there’s also been a lot of private sector skepticism about how much the Administration really believed in the concept or how much they would do to make it […]

    The post Walking the Talk on Public-Private Partnerships appeared first on McAfee.

  • Five Factors That Make D.C. Region a Cybersecurity Hub
    Tom Gann - May 29, 2013

    McAfee is based in Silicon Valley, but we know there’s more to tech than California. We recently joined the National Institute of Standards and Technology to launch the National Cybersecurity Center of Excellence, a joint effort among high-tech business, federal, state and local government and local universities located in Rockville, Md. The goal of the […]

    The post Five Factors That Make D.C. Region a Cybersecurity Hub appeared first on McAfee.

  • Getting Assurance in a Time Constrained World
    McAfee - May 20, 2013

    Nothing is as frustrating as when something goes wrong, especially when you have time constraints.  NIST has just released Special Publication 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations where a few notable items have been added to increase the confidence that security, practices, procedures and architectures of information systems […]

    The post Getting Assurance in a Time Constrained World appeared first on McAfee.

  • Response Now as Important as Prevention
    Leon Erlanger - February 24, 2012

    The National Institute of Standards and Technology (NIST) has updated its Computer Security Incident Handling Guide to take into account the increasingly dire state of cyber security. As anyone who has followed the rush of high-profile incursions over the past year knows, it’s looking less and less possible to prevent the inevitable attack, no matter […]

    The post Response Now as Important as Prevention appeared first on McAfee.