McAfee Embeds Android Application Control

It’s not exactly news that Android threats are on the rise and increasingly treacherous — but security solutions will still have to ramp up accordingly, giving solution providers a better ability to stay on their toes when building out mobile security portfolios.

That’s where McAfee Inc. is hoping to make inroads in mobile security markets. The Santa Clara, Calif.-based security arm of Intel Corp. launched its Application Control for Android, touted as the first white-listing security solution embedded on Google’s mobile platform. Like similar solutions, McAfee’s mobile application control solution blocks malicious code from executing on Android-based devices and provides application-layer protection.

The biggest differentiator: The solution is embedded into the operating system, residing in the Android kernel.

“McAfee is the only security technology provider that provides enforceable security from the Android kernel space. As Android kernel has been adopted on core Linux platform, it was a natural ground for us to extend our whitelisting solution capabilities to Android,” said Rishi Bhargava, vice president of product management, Embedded Security, at McAfee. “As Android continues to grow in its adoption, McAfee is committed to making this platform as secure and trusted as other common embedded developer platforms.”

As the security subsidiary of Intel, McAfee has a distinct advantage with its ability to embed security solutions. For one, embedding application control at the kernel level takes a few more steps in fulfilling long-stated security ambitions following Intel’s 2010 acquisition of McAfee. One of the goals envisioned for Intel’s security purchase was the possibility of embedding security at the chip level to defend everything from cars to pacemakers from malicious external hacks. Embedding solutions fills security gaps by blocking unauthorized applications and changes on fixed function point-of-service infrastructure, such as retail and medical devices, industrial control systems, office equipment, gaming devices, automotive, and various military and aerospace devices.

This advantage is being extended to mobile arenas with the ability to embed application control features into Android devices that are tamper-resistant while providing enhanced operational control and ease of management. This takes a few more steps toward a paradigm shift that makes security an inherent part of the mobile platform — as opposed to a bolted-on addition.

Embedding security on the Android platform gives solution providers a lot more options and market reach. Partners can make a renewed entrance into mobile markets with a differentiating — and potentially more comprehensive — approach to security that can be leveraged into a competitive advantage. This also means solution providers could gain territory in high-margin industry verticals looking at alternative security solutions to address Android attacks. Their search is well-warranted. By many reports, Android malware is rapidly evolving into evasive and sophisticated attacks. A report released by Trend Micro Inc. indicates Android malware has skyrocketed from 30,000 new samples in June of 2012 to almost 175,000 in September 2012, driven by the uptick in aggressive adware.

Similarly, a McAfee Q2 threat report highlights the biggest increase in Android malware samples in the last four years, which spiked 1.5 million since Q1 2012. One of the biggest reasons: Google’s open-source Android platform — a boon for developers looking for a wide-open, low barrier playing field when creating and distributing mobile apps. The same benefits, though, hold true for cybercriminals looking to spread data-stealing malware and other malicious threats via mobile platforms.

Until now, McAfee has kept pace with competitors Trend Micro and Symantec Corp. in terms of mobile device management and mobile security prowess. Going forward, the firm will hit the space harder with attempts to take a bigger swath of the market from competitors. For partners, investments in mobile security arenas will likely pay off in the near future.

Related Articles:

One Response to “McAfee Embeds Android Application Control”

  • craig kensek:

    This has been a long time in coming and will improve security on mobile devices. This won’t make the other security vendors happy and will probably make them quite nervous, though they won’t admit it. Security firms were making sure that the EU knew their concerns about Intel acquiring McAfee prior to the acquisition, expressing their fears of McAfee having a competitive advantage as an Intel subsidiary. Analysts covering this space should have a lot of fun commenting on this announcement and the effect it will have on the other security vendors with security offerings for Android.

Leave a Reply