Achieve your mission without compromising security
Federal, state, and local governments are accelerating their adoption of cloud services to achieve improved inter-agency collaboration, agility, and innovation, while diminishing IT complexity. However, security concerns around protecting data in the cloud from cyber criminals and state-backed groups remain a barrier to adoption. Federal requirements such as FedRAMP, FISMA, FIPS 140-2, and FITARA help to mitigate risk through stringent controls, but they are not sufficient. McAfee helps your agency with unparalleled visibility and risk assessment, usage and threat analytics, and seamless policy enforcement so that you can confidently take advantage of the cloud to fulfill your mission.
The first and only FedRAMP compliant CASB
McAfee Cloud Access Security Broker for Government is the first and only CASB to meet the rigorous security requirements for all federal agencies and be designated a FedRAMP Compliant System.
How McAfee Helps
Gain FITARA-mandated visibility into cloud usage
The average government agency uses 721 cloud services, many of them unknown to IT. McAfee helps you comply with FITARA mandated request to discover all cloud services in use, including services hosted in foreign and ITAR prohibited countries. McAfee then provides detailed risk ratings for each cloud service, enabling you to quickly understand the risks to your agency.
Meet regulatory requirements
McAfee enforces policies on sensitive but unclassified (SBU) information, payment card data, protected health information (PHI), and personally identifiable information (PII), to meet requirements under FISMA, PCI DSS, ITAR, HIPAA, and DIACAP. For example, inspect and block uploads to high risk file sharing services if they contain sensitive data based on your DLP policies or encrypt all citizen data stored in SaaS applications with agency-managed keys.
Detect and stop data leaks and insider threats
McAfee’s behavioral analysis engine leverages machine learning to identify patterns of usage that may seem innocuous but actually signify an insider threat. Combined with data from SIEMs and other analysis tools, you get a complete picture of user behavior to identify and stop inadvertent or malicious loss of sensitive data.
Find and close enforcement gaps
Many companies block certain high-risk services as defined by their security and compliance policies. However, these policies are often inconsistently applied due to the introduction of new cloud service URLs, inconsistent policies across firewalls and proxies, and exception sprawl. McAfee identifies these policy enforcement gaps and leverages your existing firewall and proxy infrastructure to close them – via user coaching, allowing partial access such as read-only access, and blocking.
Maintain control of your data
Enable IT-sanctioned cloud services by implementing data security controls. Encrypt your data with enterprise-controlled keys or tokenize your data before it is uploaded to the cloud – making data indecipherable to any third parties. Leverage FIPS 140-2 compliant encryption libraries to ensure the strength of encryption.