Post GDPR, there is still a lot of complexity in data privacy and data residency requirements. Depending on where they are located, what industry they are in, and how diverse their customer base is, companies are requiring a high degree of flexibility in the tools they use for web security. While most web security products in the market today simply document their data handling practices as a part of GDPR compliance, McAfee strives to give customers more flexibility to implement the level of data privacy appropriate for their business. Most of our McAfee Web Protection customers use our technologies to manage employee web traffic, which requires careful handling when it comes to processing Personal Data.
Our latest update to the McAfee Web Gateway Cloud Service introduced two key features for customers to implement their data privacy policies:
- Concealment of Personal Data in internal reporting: We enable you to conceal or pseudonymize certain fields in our access logs. You can still report on the data but Personal Data is obfuscated. As an example, you can report on how much your Top Web Users surfed the Internet, but administrators cannot identify who that top user is.
- Full control of data residency: Especially in heavily regulated industries, many of our customers have asked for the ability to control where their log data goes so that they have control over data residency. We give you that control. For example, you can currently select between the EU and US as data storage points for users connecting in each geographical region. Additional finer control can be achieved by configuring client proxy settings, or through Hybrid policy. And, in conjunction with Content Security Reporter 2.6, customers can centrally report on all the data, while providing access control on the generated reports.
As a globally dispersed organization, there are of course still limits to what we can offer – our support and engineering teams, for instance, might need to access data for troubleshooting purposes from other geographies. Telemetry and other data required to operate the service would still be global. But to the extent that we can, with the access logs that contain PII, customers want more control.
McAfee Web Gateway Cloud Service is built for the enterprise, and many organizations will gain a higher level of performance than they currently experience on premises. As your security team continues to manage highly sophisticated malware and targeted attacks that evade traditional defences, McAfee Web Gateway Cloud Service allows you to go beyond basic protection, with behaviour emulation that prevents zero-day malware in milliseconds as traffic is processed.