McAfee Signs Deal To Secure USB Drives

In an effort to block malware from spreading via USB drives, McAfee Tuesday announced that it has signed deals with a number of secure USB manufacturers to ship McAfee security software on their devices.

According to McAfee, when a secure USB drive running its anti-malware software gets plugged into a PC, the built-in software will automatically scan the PC for malware. If any is found, the software will block any file transfers to the USB device.

"Conventional USB drives and other removable storage devices can allow viruses, worms and other malicious code to penetrate systems," said David Scholtz, senior vice president of worldwide strategic alliances for McAfee, in a statement. "The combination of McAfee anti-virus technology with our OEM partner offerings provides the comprehensive layers of protection required to protect data from loss or leakage, and prevent the spread of malware."

McAfee said it now has deals with two-thirds of the world's secured USB manufacturers -- Hagiwara, Kingston Digital Inc, MXI Security, Rocky Mountain Ram, SanDisk, SPYRUS and Yoggie Security Systems -- to install the malware scanning and blocking software on their secure USB devices. Presumably, those manufacturers will also ensure that their own USB devices start off malware-free, unlike promotional (and not secure) malware-infected USB drives shipped by IBM to security conference-goers earlier this year.

USB drives, of course, provide malware with a direct route into the enterprise, no network required. Accordingly, said Roy Ramati, enterprise vice president at SanDisk, adding McAfee's technology should help "further enhance security at the enterprise perimeter," by helping curtail the spread of malware via USB drives.

Attackers have recently favored USB drives for precisely that reason. According to a McAfee study released in May 2010, auto-run worms that infect PCs via USB drives or removable memory cards were the most prevalent online threat seen in the first three months of 2010.

Some of McAfee's secure USB relationships predate this announcement, and also hint at all of the levels of security required to actually secure USB drives, both in terms of keeping unwanted malware out and sensitive information in.

For example, MXI Security said that since 2008, it has been using McAfee's encrypted hard disk and biometric software on its secure USB keys. Currently, it said, its drives also work with McAfee ePolicy Orchestrator, a centralized security management console that allows IT managers to set, enforce and monitor security policies for USB devices, including banning unauthorized devices.