This week in GRC, the issue of security features prominently with security issues around Android identified by Symantec, McAfee opens a new data center in the UK as part of its ongoing drive to provide content backup and security, Clearwell adds a legal hold module and ProofPoint releases a cloud-based email security and compliance package.
Malicious Android Update
With all the interest in smartphones recently and all the problems with securing content in phones, this week there was news from security vendor Symantec (news, site) that the most recent update to its Android mobile operating system has already been the target of hackers.
According to a blog post from Mario Ballano of Symantec, the company has found an application called Android Market Security Tool that is a malicious version of the Google update of the same name that sends SMS messages, if instructed to do so by a command-and-control server.
The code, according to the blog, was found in an uncontrolled third-party Chinese marketplace. The blog also says that the code used in the new threat is based on a project hosted on Google Code and licensed under the Apache license.
The original Google version of the patch was offered to users who had downloaded apps affected by the Droid Dream virus, after which Google pulled nearly 50 apps from its marketplace and removed them from handsets using a kill switch.
The blog adds that analysis of the application is still ongoing, while Google advises users -- again -- to download applications only from somewhere they trust. Check out the blog for more on this.
McAfee Expands Data Security
Following last week’s announcement that Intel’s acquisition of McAfee is finally complete, both companies got back to business as usual with McAfee (news, site) continuing to expand its cloud offerings with the opening of a new data center in London, UK, that will be used to support its security-as-a service business.
This is the fifth such center in the past year, with another new center expected to open in the coming weeks too. According to McAfee, the opening is part of its ongoing strategy to develop Web and email security as well as its ability to offer enterprises vulnerability management.
The idea behind the centers, which are now located in Australia, the US and Japan as well as the UK, and to which Hong Kong will be added in the coming months, is to provide a failsafe system for McAfee users, who won’t notice if the data center they are using goes down.
The strategy will see each region McAfee is operating in offering two centers, each backing up the other so that in the event of a fault, the other center of that region will pick up the load.
McAfee has been pushing its cloud-based security offerings a lot over the past few months and with these centers aims to quarantine threats in the cloud before they arrive in enterprise networks -- a question of acting rather than reacting.
Clearwell Adds Legal Hold
If you missed it earlier, Clearwell (news, site) has announced that it is continuing to build its e-Discovery platform this week with the release of a legal hold module that adds automated hold processes to the platform.
This will give enterprises scalable workflows that will enable them to reach across enterprise systems, including legacy systems that are already in place as a result of its extension of its e-Discovery platform using EntropySoft connectors.
The process of legal hold has, to a large extent, been done manually using email and spreadsheets, which is not always 100% accurate and can end up with errors and result in hefty fines. Interested in more?
Proofpoint’s New Email Security
Email security is also an ongoing problem with many different vendors offering many different solutions. Cloud-based email security vendor Proofpoint (news, site) is tackling this with the release of an email security and compliance platform for the enterprise, Proofpoint CloudControl.
With it, Proofpoint provides public cloud-based services focused on security, compliance, archiving and e-Discovery on an integrated platform.
Proofpoint CloudControl employs a three-tiered architecture that includes a secure infrastructure, shared cloud services and a series of enterprise application suites. Full cloud-based deployments will be able to take advantage of all three layers, while private cloud or on-premises configurations employ specific components.
The company has also integrated a set of governance standards with its Proofpoint CloudControl architecture to ensure performance and compliance.
The company says it actively monitors its secure infrastructure layer, collecting metrics on hardware, networking and OS, with thresholds designed to provide optimal performance. Alerts and escalation schemes aim to deal with issues before they become major issues.
Aimed at large enterprises, it aims to monitor the vast amount of data that is currently being created on the web and in social media networks.