Digital Identity in Perspective
John Tolbert

Perhaps the best solution would be to add better cryptographic functionality to web
browsers, such that browsers could generate, utilize, and prove possession of a
cryptographic key without requiring transmission of that key across the internet.
This would be useful for human user identity with browser interactions. Given the
nearly ubiquitous distribution of Trusted Platform Modules (TPMs) in computing
hardware today, having a programmatic method for accessing the TPM would
create a much more secure means of authenticating and asserting device identity,
as well as other parameters (such as software patch levels, device firewall status,
and anti-virus software signature file levels). Though TPMs won’t prevent all attacks
on users and their devices (DLL injections of keyloggers after bootup, for example),
the goal in this space should ultimately be to provide degrees of platform
assurance, based on TPM, machine identity, and machine health.

entire paper:

http://www.w3.org/2011/identity-ws/papers/idbrowser2011_submission_57.pdf

about the author:

John Tolbert, Identity and Authorization Controls Architect, The Boeing Company

John Tolbert is the Identity and Authorization Controls Architect for The Boeing Company. In this role, John develops and implements identity and authorization strategies and consults with business partners. John also provides technical leadership for the web access management architecture. As the former identity federation product manager, he worked on some of the first identity federation projects in the industry. John also managed the identity federation partner engagement process and built governance processes to support the business model.

John is a member of the OASIS Open Document Format for Office Applications and XACML TCs, and is the liaison between OASIS and the Transglobal Secure Collaboration Program (TSCP). He is also a member of Project Concordia and the Kantara Initiative, and serves on several software vendors' customer advisory boards.

Prior to his involvement in identity management, John was the firewall product manager and deployed VPN services. Before coming to The Boeing Company, John worked in system administration and computing security in the manufacturing and accounting fields. He received a BA degree from the University of Louisville.

MMBG



I hear you pal. So you can imagine how fortunate I feel that I loaded up under .50 many months back. I thnk history will show that todays price is a screaming buy. But with that said I am very content to hold my position at the present time


JD

MMBG


I guess we just remember the times we buy & sell. I like to buy low and unfortunately you sold low. But hamg in there kid Trusted Computing is coming like a freight train, just wait and see


JD

MMBG


I was referring to my rather large purchase @ .40 at the beginning of 2009. My last purchase was at .50 so I dont worry about Waves share price at 2.70. The game hasn't started yet.


JD

why is the stock up 600% in 2 years?

Expatriate



Living in NY? I guess you will get to ask all the questions at the ASHM. See you there


JD

MMBG



I have no doubt that by the end of this year you will know why Dell has kept Wave on the books all these years

JD

Mymoney




Just ask yourself...why does Dell continue to pay Wave 5+ million a quarter "just to be in the box". Do you think that Michael Dell & the Spragues are one big family? Perhaps Dell just likes to throw 20 million a year at a failed venture.

You talk about "upgrades". My question to you is who is Wave losing the business to? With all the roads pointing toward major SED adoption over the next couple of years who do you think will benefit the most? Winmagic? Safenet?

The reason Wave is only scratching the surface for this massive opportunity is just a result of the market moving at a snails pace. I remember when only a few people owned cell phones. Now everyone has one. As a matter of fact Jake loves his new phone.

Soon you will see MASS adoption of SED's and Hardware Security based on the TPM. How do I know that? very simple answer...there is NO alternatives out there. Wavoids know it, the government knows it, PWC knows it, BASF knows it, and Papa Gino's has known it the longest.

I think I'll have a slice of pizza for lunch

JD

MIB



I go back to 2000 when I bought my first Wavx shares. I owned 800 shares when Wavx hit $50 in 2001. I use the spring of 2009 as my barometer because Wavx traded in the 40-50 cent range for most of the early part of 2009. This is where I loaded up. Over 90% of my shares were bought post split so the reverse split did not effect my portfolio all that much. To be honest the down fall of Waves share price will probably turn out to be the best thing that ever happened to true Wave longs. It gave us a great opportunity to load up on Wave shares at very low prices. I think you will find there is more than 20 Wave longs on these boards that have six figure positions who are way ahead on the stock

Good luck

JD

Jermart it could be worse



He could have shorted Wave at 3.14 and made a quick easy buck...how did that work out? ehh

Wave to Host InfoSec Europe 2011 Workshop Featuring PricewaterhouseCoopers


Wave Systems Corp. (NASDAQ: WAVX) (www.wave.com) will attend InfoSecurity Europe 2011 this week, hosting a workshop that features customer PricewaterhouseCoopers (PwC). The two-hour event will give conference-goers an opportunity to hear firsthand how PwC is leveraging built-in hardware security based on open standards for authentication. Additionally, Wave is co-exhibiting with the Trusted Computing Group at stand D92 at the conference, held at the Earls Court Exhibition Centre, London, on April 19-21.
InfoSecurity Europe brings together experts, analysts and more than 300 IT security vendors from around the world. The annual three-day event draws more than 12,500 information security professionals from around the world, attracting industry thought leaders and the top international security vendors.

"With security threats more pervasive than ever, the standard approach centered on proprietary software simply isn't working. There's proof of that in the headlines every day," commented Brian Berger, Wave's EVP of Marketing & Sales. "This year PwC has agreed to share their experience using Trusted Platform Module (TPM) chips for authentication. Wave will also showcase how self-encrypting drives (SEDs) managed by Wave's EMBASSY software enable enterprises to take proactive steps in protecting sensitive information."

WHAT: "Improving Information Security on a Tight Budget" workshop featuring PwC.
WHEN: Wednesday, April 20, 11:15 am - 1:15 p.m. and 2:00 - 4:00pm BST.
WHERE: Earls Court Exhibition Centre, Earls Court, London

On Wednesday, PwC's Boudewijn Kiljan, Solution Architect, will discuss how the global auditing, tax and advisory firm is addressing authentication for its global employee base using Wave software and Trusted Platform Module (TPM) security chips. The TPM, a cryptographic integrated circuit, provides a hardware-based root of trust directly embedded in today's business-class PCs. PwC is rolling out its authentication solution for the TPM on 85,000 PCs this year as part of a global deployment to all 150,000+ employees.

The workshop will also cover hardware encryption, from set up and deployment costs, ongoing management and strength of security. SEDs store encryption keys within the drive hardware itself. Since the keys never leave the drive, SEDs are not susceptible to traditional software attacks. In addition, they impose no drag on a laptop's operating resources, ensuring ironclad data security that remains transparent to the laptop's end user.

EMBASSY® Remote Administration Server (ERAS) enables IT to turn on each self-encrypting drive in seconds (as opposed to up to several hours per PC with software-based encryption), set security policies and provide detailed event logs to demonstrate that the data was fully encrypted if a laptop goes missing.

About Wave Systems
Wave Systems Corp. (NASDAQ: WAVX) reduces the complexity, cost and uncertainty of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the hardware security capabilities built directly into endpoint computing platforms themselves. Wave has been among the foremost experts on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.

Safe Harbor for Forward-Looking Statements
This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements.

All brands are the property of their respective owners.

http://newsblaze.com/story/2011041821005900001.mwir/topstory.html

Yes AprilJ




I and many others have a presplit average around 30 cents. I know you guys love to quote presplit prices. I have never been more comfortable with my Wave position. I am very happy Wavx hit lows of .30 & .40 cents allowing me to average down and load up.

I do however find you very amusing. There seems to be a bit of bleu in your dialogue LOL

WAVE SYSTEMS SELECTED AS A FIRE 2011 FIRESTARTER COMPANY



FRIDAY HARBOR, Washington, March 31, 2011



Strategic News Service is proud to announce that Wave Systems has been selected as a 2011 FiReStarter company, to be featured at its annual Future in Review (FiRe) technology conference. FiReStarter companies are selected based on their potential to bring positive change to the world, and are showcased before, after and during the conference, both onstage and at an exclusive investor reception.



Wave Systems Corp. (NASDAQ:WAVX) reduces the complexity, cost and uncertainly of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the security capabilities built directly into endpoint computing platforms themselves. For 20 years, Wave has been the foremost expert on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.



Conventional security based on software alone fails to authenticate users and machines on the network or fully secure data on lost or stolen laptops. Yet there is a powerful infrastructure in place today that can address these issues and safeguard against the most pernicious cyber threats. That security model focuses on device identity and it’s been successfully deployed by the cable and cellular phone industries for more than a decade.



“Imagine doing away with multiple user names and passwords and simply logging into your device. Then your device securely and seamlessly logs you into your applications and services on the network or in the cloud,” commented Steven Sprague, President & CEO of Wave Systems. “Those capabilities exist today because of hardware security pre-installed on PCs and computing platforms; the challenge is letting the world know about the industry’s collaboration to create these standards. It’s no longer a technical challenge, but it’s one of awareness of the hardware security embedded in our computing devices—it’s already there and it’s easy to turn it on.”



Future in Review is an annual gathering of world-class thought leaders in technology and economics. FiRe attendees convene each year with the goal of solving major world problems; a goal that is consistently met through FiRe’s collaboration across disparate industries and the intellectual and strategic guidance of FiRe Chair and SNS CEO, Mark Anderson. Now in its ninth year, Future in Review 2011 will take place May 24-27th at the beautiful Montage Resort in Laguna Beach, California. The Economist has called FiRe “The best technology conference in the world.”



"At a time when Economic Cyberwar is taking center stage as both a security and global economic issue, Wave Systems' ability to secure down to the device is an important part of the armaments list each vendor should have," said Anderson, FiRe Chair and SNS CEO. "We grew to understand the impact that Wave's solutions are having for real users in the market when Steven Sprague joined us last fall for our FireGlobal West Coast event. With hardware-based security built into more than 500 million computing devices, we're excited to have Wave Systems as a 2011 FiReStarter company, to demonstrate how we can strengthen and simplify security in a world of fast-changing threats and vulnerabilities."



To register, and to see the draft agenda, go to www.futureinreview.com.





__________________________________________________________________________________

Strategic News Service was founded by Mark Anderson in 1995 as the first paid online news service. Since its inception, SNS has proven the most accurate predictive newsletter covering the computer and telecom industries. Its subscribers include top managers at technology companies across the globe, including Microsoft, Dell, HP, Cisco, Intel, Sun, Google, Telstra, Orange and others.



SNS has been operating the annual FiRe Conference for nine years. The Economist calls FiRe “the best technology conference in the world.” FiRe exposes world experts and participants to new ideas, producing an accurate portrait of the future and focuses on creating technology solutions to current local and global problems. FiRe 2011 will take place May 24-27, 2011 at the Montage Resort in Laguna Beach, CA. For more information go to www.futureinreview.com.



Future in ReviewTM is a Strategic News ServiceTM conference. Future in ReviewTM, and Strategic News ServiceTM are registered international trademarks. The SNS newsletter is the most accurate publicly ranked predictive newsletter in computing and communications.



Websites: www.stratnews.com, www.futureinreview.com, www.futureinreview.com/global/wcJakes Dad

Posts: 110
Joined: Wed Jan 26, 2011 11:33 am
Private message

Ramspower




Perhaps the poster is Bill Buckner and he just let one go right between his legs


from a die hard Met fan

Hi Alea


The PWC Power Point Presentation from a recent show clearly illustrates where PWC is headed in the TC space. It looks like SSDs are clearly in the future. Unless someone else other than Wave creates tools to manage SEDs/SSDs & the TPM they seem to be a large customer target in the future. We clearly don't know how long it will take them to begin implementation to the SEDs but its surley on the horizon.

When I asked SKS at the last SHM what was the probably of PWC adopting ERAs in the future he answered 100%. I will conceed however that SKSs predictions have not allows been on target.

check out page # 13

Self encrypting solid state disk drives to boost performance of laptops (TCG-Opal) –will require key escrow capability

http://www.trustedcomputinggroup.org/files/resource_files/346839FC-1A4B-B294-D00AFF9CB5A75CB4/TCG%20%20Seminar%20RSA%20Conference%202011%20Keynote.pdf

JD

alea....................



A recent pdf posted on this board from one of the shows stated PWC next step is to deploy SEDs. How can PWC can manage SEDs and TPMs without Waves ERAs?

TIA

JD

AprilJ



Funny.......I did my homework when WAVX was .40 and loaded the wagons there. I guess it depends when you do your homework?


JD

Micro



I think your looking at this the wrong way. SKS is CEO of a publicly traded company with an appox 250 million dollar market cap. I would bet if you did an analysis on CEO's pay for those type of public companies SKS would be in the bottom 10% of the pay scale.

Furthermore Steven works his ass off. He travels around the world like you and I go to the grocery store.

Great idea for another survey: I wonder what percent of those same public companies with similar market cap have a CEO that works harder and travels more then Steven?

And as far as results:

SKS has kept the company in business, debt free, and ready for a market that is larger in scope than anyone here can imagine(besides awk)

JD

JKIRK: Great Find must listen tx

Boston Medical Center (Wave Case Sudy)


http://www.wave.com/collateral/03-000288_BMC.pdf

NSA Terminates High Assurance Platform

News, via InformationWeek’s, of the United States National Security Agency’s termination of the agency’s highly regarded High Assurance Platform (HAP). More, after the jump.

via InformationWeek’s J. Nicholas Hoover: “NSA Winds Down Secure Virtualization Platform Development“

“After several years in the making and two releases, the National Security Agency is winding down new development of its secure client virtualization framework, the High Assurance Platform (HAP). At HAP’s inception, NSA wanted an integrated, networked framework of virtualization and security technology, but the market had yet to deliver one. So NSA set out to piece together the disparate hardware and software that commercial vendors had already placed on the market. “We saw all of these things,” Neil Kittleson, the commercial solutions center’s trusted computing portfolio manager, said in an interview. “And we saw the need to create custom policy around it to get them all to work in parallel.”…”

http://infosecurity.us/?p=19664

Interesting Job at Wave.............


Senior Escalation Engineer
Wave Systems Corp. - Cupertino, CA (San Francisco Bay Area)
Job Description
Are you ready to join a team of the world’s best technical experts to enable the success of Wave’s Identity and Data security solutions for our commercial accounts?

You will have a chance to solve technically complex problems for the some of the world’s largest companies. As a trusted advisor to the senior data center admins, you will have influence over the implementation of a broad range of solutions. Your technical and relationship skills are critical to the success of our solution and the customer’s perception of value.



We help earn customers’ loyalty for a lifetime, while working in partnership with product development to help improve product quality. We are there to help customers when they need help the most. In this role, you have an opportunity to be a personal hero for a customer who is experiencing critical problems with their most critical infrastructure and edge technologies.

You will have a chance to use source code and debugging to solve technically complex problems and working with the largest enterprise customers. As an Escalation Engineer, you are a technical leader and will have many opportunities to assist in the growth of other Engineers through one-on-one mentoring, one-to-many education scenarios and case collaboration. You will be designing and driving the discovery of potentially unique solutions for each customer situation as part of a team. We’ll provide you with abundant resources, including the product source code, Design specifications and advanced diagnostic tools. As a member of this engineering organization, you will benefit from access to the most comprehensive collection of experts as well as the opportunity to work directly with the Product Managers and Developers who design and build the product. You will also have the opportunity to collaborate and help your colleagues by sharing the results of your investigation. An Escalation Engineer is also a key technical interface to the Product Group for the resolution of high impact or pervasive issues effecting Wave's corporate and Cloud customers. In this professional role, your contribution and overall impact is self-directed and the opportunities are plentiful.



Our world can only be described as a continuous learning environment with significant investment in allowing top technical minds to reach their full potential. There are many career paths in this position, including becoming a subject-matter expert, Team management or developing code through an escalation services role. Join our team of smart people and great leaders, and experience working with our cutting-edge technology including cloud services.


Responsibilities:

- Represent Wave in communications with corporate customers via telephone, written correspondence, or electronic service to assist customers in resolving technical issues involving Wave’s products and technologies

- Understand and document complex customer issues involving several functional components across Client, Server and Cloud (SaaS) services, establish an action plan and drive a consistent root cause analysis process.

- Establish and communicate on a regular basis, case status information, technical and commercial impact statement and communicate those to technical stakeholders and senior management.

- Provide code level root cause analysis and steps to reproduce to the development team with suggested workaround or minimal impact code fix.

- When necessary, build reproduction environments to simulate and reproduce customer issues.

- Work across product teams and understand cross product architectural dependencies and have a holistic understand and ownership of the supportability process across all product areas.

- Act as a lead, and assist in identifying and recruiting additional escalation engineers to your team as it becomes necessary.

- Provide feedback on process, tools and product enhancements required to increase customer satisfaction and product supportability.

- Foster positive customer relationships and build customer loyalty in Wave, while effectively managing challenging situations.

- Demonstrate strong interpersonal and communication skills, while working with varying audiences from highly technical engineers, to developers and architects, as well as executive level management.

- Demonstrate leadership through personal responsibility, accountability and teamwork.

- Act as a technical focal point in cooperative relationships with other companies.

- Manage critical situations that may involve technically challenging issues and diverse audiences.

- Receive escalated, technically complex mission critical or politically hot customer issues and maintain ownership of the issue until resolved completely.

- Be responsive to customer needs, both within and outside of normal business hours in some situations or as part of an on-call rotation.

- Apply a logical and methodical approach to remote problem resolution.

- Use trace analysis, debug skills, source code, as well as sophisticated and proprietary tools, to analyze problems and develop solutions to meet customer needs; this may involve writing code.

- Maintain strong working knowledge of released products, take ownership for product improvement and participate in pre-release activities and BETA programs.

- Work directly with the Development and Sustained Engineer teams to obtain product design information.

- Interact daily with other customer support engineers to provide technical action plans or take ownership of cases that require escalation.

- Create technical content including Knowledge Base articles, whitepapers, training documents and blog postings.

- Act as a subject matter expert providing continues proactive knowledge transfer to the customer support field engineering organizations.

- Write, debug and Provide sample scripts to customers and field to address ad-hoc issue in VBscript or JavaScript.

- Opportunities to travel both within the US and internationally to other Wave locations for training and meetings or to customer sites to assist with problem resolution may be available.

- Certification as an MCSE, MCSD or MCPD is facilitated through company provided resources and testing and is required within one year of employment. Candidates with existing certificates are highly encouraged.
Desired Skills & Experience
Basic Qualifications



- Experience with post-mortem debugging using Visual studio or similar debugger tools

- Able to read and analyze C++ and C#.

- Ability to capture, read and analyze network traces.

- Working knowledge of Windows Architecture and Internals (e.g. Processes, Threads, Memory Management, Networking, and Kernel Architecture)

- Ability to read trace logs, understand code execution flows, and perform user mode debugging.

- Knowledge of tracing and logging facilities of the Windows server and client platforms.

- Knowledge of basic transact SQL query language, preferably with Microsoft Sql server.

- Good conceptual understanding of Data encryption, Authentication, PKI and Enterprise and internet security architecture.

- Previous experience working in an administrative, consulting or development capacity on an enterprise server product, such as Active directory, SQL, IIS, or Security management or similar Microsoft or other Windows based products.



Preferred Qualifications:



- Candidate must be a strong critical thinker, and enjoy solving challenging problems (often involving code level analysis). Escalation Engineers are frequently involved with high profile issues, and therefore must be able to handle both political and complex situations. Candidates must also have strong customer service, accurate logical problem solving and communication skills, and the ability to work in a team environment.

- Experience with Mobile phone platforms preferred but not required.

- Virtualization and SaaS service management or support experience is a plus.

- The ideal candidate may have a four year degree in C.S. or Engineering and a minimum of four years product support experience or the equivalent in work experience.

- Ability to provide targeted code changed in C# or C++ as a hotfix or debug build is preferred but not required.
Company Description
Wave Systems is a leading provider of client and server software for hardware-based digital security, enabling organizations to know who is connecting to their critical IT infrastructure, protect corporate data, and strengthen the boundaries of their networks. Wave’s core products are based around the Trusted Platform Module (TPM), the industry-standard hardware security chip that is included as standard equipment on most enterprise-class PCs shipping today. A TPM is a highly secure cryptographic support system. It generates, stores and processes keys, which can be used to encrypt information and harden identities. It provides a broad range of security features, but because the TPM works independently of the operating system, it can serve as a “root of trust,” verifying the integrity of the machine and user.

Additional Information
Posted:March 2, 2011
Type:Full-time
Experience:Associate
Functions:Marketing
Industries:Computer Software

http://www.linkedin.com/jobs?viewJob=&jobId=1447113&srchIndex=2&trk=njsrch_hits&goback=.fjs_*1_*1_*1_Y_*1_*1_*1_1_R_true_*2_*2_*2_*2_*2_*2_*2_*2
Job ID:1447113

This looks new too:


Senior QA Engineer
About the Job


Full time Senior QA Engineer



Candidates must have:
- Minimum of 3 years testing of integrated hardware/ software products
- Experience in setting up and troubleshooting Windows-based PCs.
- Experience in testing Windows client-server applications
- Experience user of Win2K, Win XP, and Vista .
Having the following skills is an advantage:
- Experience using WinRunner and/ or Test Director
- Knowledge or familiarity of Windows BIOS, smartcard, software security, and/ or Trusted Computing Group (TCG) technology.
- Knowledge of XML, Active Directory, SSL.

Wave Systems offer competitive salary, great benefit package, casual dress code and friendly working environment.

http://jobview.monster.com/Senior-QA-Engineer-Job-Cupertino-CA-US-93195335.aspx

Foam



The microsoft link does not work, can you repost the link?

Thanks

JD

Fujitsu Australia & New Zealand.Fujitsu Rolls Out World Leading Global Cloud Network

Fujitsu, a leading provider of ICT business solutions, today announced the unveiling of its Global Cloud Services portfolio. Fujitsu Australia and New Zealand (FANZ) is the first region outside Japan to roll out Fujitsu’s standardised global cloud offering. Combining the scale of public platforms and the security and customisation of private networks, the cloud platform is designed to provide customers with the best of both worlds from Fujitsu’s Australian data centre operations.
The Australian launch of the global cloud service is part of a rolling program which by year end will see Fujitsu as the first vendor in the world with premium cloud offerings based in Tier III data centres located in every major geographic region including Australia, Singapore, USA, UK and Germany, coupled with a globally standardised approach to service and pricing. Fujitsu’s Cloud Services offer a fully flexible model for IT infrastructure, platforms and applications, allowing enterprises to match technology systems and costs directly to changing business needs. The offering is also differentiated by providing the highest levels of availability, depending on customer requirements, and its highly sophisticated self-service portal.

The implementation and launch of this global cloud service is the result of a progressive evolution of new platforms which Fujitsu spent 14 months independently building and testing to ensure they were customer ready before taking them to the marketplace in 2010. Fujitsu’s trusted cloud offering has combined the scale of public platforms and the security and customisation of private networks to give customers the best of all worlds.

In announcing the rollout of Global Cloud Services, Cameron McNaught, Group Executive Director - Solutions and Cloud Services, Fujitsu Australia and New Zealand, said: “We are shaping the future with our customers. No one else can match this growing portfolio of trusted cloud solutions or this number of networked Tier III locations. And Fujitsu Australia is proud to be at the forefront of these developments. We are delivering to local enterprises fully featured, high efficiency services, from a global network, to facilitate their expansion into the international marketplace. Fujitsu’s trusted cloud offering has combined the scale of public platforms and the security and customisation of private networks to give customers the best of all worlds.

“Fujitsu’s genuine cloud offering has become a real alternative to traditional IT consumption models. Twelve months ago cloud was niche. Because we’re delivering on our ambitious cloud program, we’re seeing customers moving key, mainstream business applications to the cloud,” McNaught said. Fujitsu ANZ’s Infrastructure-as-a-Service (IaaS) offering is already providing measurable benefits to customers such as IT service vendor CA Technologies. Consumer goods multinational Frucor and automotive manufacturer Toyota Australia also recently announced they had joined the service.

The Fujitsu approach delivers a single point of contact for the provision and management of all infrastructure requirements through its Cloud Services Portal. The interactive self-service portal allows customers to adjust services, change capacity and usage, and manage billing, in real time with actual pay per use.

McNaught said: “The Fujitsu design work on the portal, and the consequent commissioning of physical services in the background, is simply staggering. The ability to drag and drop storage and server configurations into your cloud environment, in real time, is where IT productivity has taken a dramatic leap forward with an unprecedented level of flexibility and agility.

“IT shops are always under pressure. The provisioning required to support new go-to-market opportunities takes weeks or months using traditional models. By the time you ordered, racked, cabled, installed and tested months go by. But now with Fujitsu’s cloud IaaS, infrastructure components can be quickly dragged and dropped into immediate action, and 4-6 week network connections happen literally in seconds. With Fujitsu taking responsibility for customers’ infrastructure needs, internal IT resources can focus on core service delivery.

“Drag, drop, click, next – who would ever have thought provisioning data centre services could be so easy, fast and future proof?” he said.

The rollout of Fujitsu’s global cloud network, based on fully provisioned, identical, large scale cloud infrastructure, is a vital step in its drive to make consumption of server and storage infrastructure simple, cost effective and on the way to becoming truly commoditised.

The environmental impact of IT features prominently in Fujitsu’s development of all data centre and supporting services strategies and is increasingly influential in customer selection processes.

The expansion of these Cloud Services will see a range of offerings rolled out this year such as a SaaS suite including messaging, CRM and unified technologies later in 2011. Growth in customer success is also driving growth in Fujitsu’s data centre real estate with additional facilities coming online shortly in Sydney and Melbourne.

ENDS

About Fujitsu Fujitsu is a leading provider of ICT-based business solutions for the global marketplace. With approximately 170,000 employees supporting customers in 70 countries, Fujitsu combines a worldwide corps of systems and services experts with highly reliable computing and communications products and advanced microelectronics to deliver added value to customers. Headquartered in Tokyo, Fujitsu Limited (TSE:6702) reported consolidated revenues of 4.6 trillion yen (US$50 billion) for the fiscal year ended March 31, 2010. For more information, please see: www.fujitsu.com

About Fujitsu Australia and New Zealand Fujitsu Australia and New Zealand is a leading service provider of business, information technology and communications solutions. As the third largest ICT Company in the Australian and New Zealand marketplace, we partner with our customers to consult, design, build, operate and support business solutions. From strategic consulting to application and infrastructure solutions and services, Fujitsu Australia and New Zealand have earned a reputation as the single supplier of choice for leading corporate and government organisations. Fujitsu Australia Limited and Fujitsu New Zealand Limited are wholly owned subsidiaries of Fujitsu Limited (TSE: 6702). www.fujitsu.com.au

Media Contacts: Tracy Weller-McCormack General Manager, Marketing & Communications Fujitsu Australia and New Zealand Tel: +61 2 9113 9225 Mobile: +61 414 827 044 Email: tracy.mccormack@au.fujitsu.com

Or

Shuna Boyd BoydPR Tel: +61 2 9418 8100 Mobile: +61 419 415 301 Email: shuna@boydpr.com.au

http://www.cfoworld.com.au/mediareleases/12074/fujitsu-rolls-out-world-leading-global-cloud/

Intel Whitepaper link:

ftp://download.intel.com/design/intarch/PAPERS/324240.pdf

New Intel Whitepaper TCG TPM & HAP

How COTS Components Meet Critical Gaming Regulations:


ftp://download.intel.com/design/intarch

go-Kite


SKS stated that when TDM is purchased attach rate is nearly 100%, makes perfect sense. Keep in mind software SED management does not include TDM......its all good imo


JD

bake56



Your buddy is pulling your leg. The volume at $4.25 was only a couple of thousand shares. Don't buy a bridge from this guy


19:42 $ 3.95 7,500
19:42 $ 3.95 5,000
19:42 $ 4.01 2,400
19:42 $ 4.07 3,000
19:42 $ 4.12 5,000
19:42 $ 4.16 1,000
19:42 $ 4.20 7,500
19:42 $ 4.25 2,000
16:39 $ 3.83 5,000
16:30 $ 3.8792 160
16:24 $ 3.83 5,000
16:22 $ 3.88 100

JD

Saint Barnabas Health Care System Selects Wave to Protect Personal Health Information on Laptops

New Jersey Largest Health Delivery System Standardizes on Wave Software for Managing Its Fleet of Self-Encrypting Hard Drives on Laptops Used by Medical Personnel and Executives
February 9, 2011 8:25 AM EST


LEE, MA -- (MARKET WIRE) -- 02/09/11 -- Wave Systems Corp. (NASDAQ: WAVX) (http://www.wave.com) today announced that Saint Barnabas Health Care System deployed self-encrypting drives (SEDs) managed by Wave's EMBASSY? software to protect personal health information (PHI) stored on 700 laptops used by doctors, nurses, administrators and executives in 25 facilities. Saint Barnabas had been using software encryption for years to comply with health care regulations and meet patient needs, but chose to upgrade to self-encrypting drives for stronger security and faster deployment times -- 24 hours faster on average per user.

"Patient trust is critical to all of us at Saint Barnabas," commented Hussein Syed, Saint Barnabas' Director of IT Security, whose responsibility encompasses all endpoint and network security. "We take patient and employee data confidentiality seriously, which is why we took steps to ensure it is protected at all times."

"Now should a breach happen," Syed continued, "first and foremost, there is the impact on our patients. Beyond that it would impact our credibility, especially if there were repeated occurrences."

Saint Barnabas is New Jersey's largest integrated health care delivery system, employing 19,000, including 4,600 physicians and operating six acute care facilities, nursing homes and outpatient centers that provide radiology and dialysis. Prominent names within the system include Newark Beth Israel Medical Center, Monmouth Medical Center in Long Branch and Saint Barnabas Medical Center in Livingston.

As part of delivering superior care, medical personnel routinely collect and handle sensitive patient data, including lab results, clinical data, patient medical histories and prescription usage. This information is often gathered bedside or in the ER, where laptops are brought in via mobile units. Administrators also use Patient Health Information (PHI) for "patient modeling," to develop better procedures and protocols for assuring that all patients in the Saint Barnabas system receive a high level of care. Laptops in use throughout the system all require encryption to safeguard patient privacy and stay in compliance with health regulations including the Health Insurance Portability and Accountability Act (HIPAA) and last year's Health Information Technology for Economic and Clinical Health (HITECH) Act.

Under HITECH, affected patients would have to be notified by a letter outlining the circumstances of the data breach, what information was compromised and the steps taken toward remediation. There would be a financial impact too, Syed noted, with the health system liable for legal costs and the expense of credit monitoring services for affected patients. Those costs can run several hundred dollars per affected individual, he said.

To mitigate the chance of PHI falling into the wrong hands Saint Barnabas was an early software full disk encryption (FDE) adopter.

"It did the job, but software encryption was slowing the performance of the machine, which had a measurably negative effect on productivity," Syed said. "It could take up to thirty minutes to boot up a PC with software encryption. Now boot up time is negligible."

To handle the encryption installations, drop off locations were designated at Saint Barnabas' facilities, where users were required to make an appointment. During the 24 to 36 hours required for the software to be installed and the contents of the drive encrypted, employees had to be issued a suitable loaner or had to go without. Remote users were required to initiate a remote desktop session via VPN and leave their PCs for the same period of time, periodically rebooting.

The dissatisfaction with software-FDE had Syed and his team looking for alternatives. A liaison at Dell introduced him to self-encrypting drives (SEDs). After conducting internal tests, Syed opted to implement Wave-managed SEDs for all laptops within the Saint Barnabas network. As laptops are "refreshed," all come pre-configured from the factory with an SED and Wave software as part of the standard configuration. Now with hundreds of PCs equipped with Wave-managed SEDs already deployed, Syed said installations have gone "seamlessly," averaging only 20-30 minutes per user, accounting for the time needed to set a password, integrate with Active Directory and to set security policies. After set up, most users "don't even know the drive is encrypted."

Remote Administration, Detailed Event Logs Part of the Value Wave Brings Wave's Trusted Drive Manager client software enables pre-boot authentication, the enrollment of drive administrators and users, and the ability to backup drive credentials. For centralized IT management of the self-encrypting drives, Wave's EMBASSY? Remote Administration Server (ERAS) enables IT managers to remotely turn on each drive in seconds and to provide detailed event logs for compliance assertions to prove that the security settings were in place if a loss or theft occurs.

About Wave Systems Corp. Wave provides software to help solve critical enterprise PC security challenges such as strong authentication, data protection, network access control and the management of these enterprise functions. Wave is a pioneer in hardware-based PC security and a founding member of the Trusted Computing Group (TCG), a consortium of more than 100 companies that forged open standards for hardware security. Wave's EMBASSY? line of client- and server-side software leverages and manages the security functions of the TCG's industry standard hardware security chip, the Trusted Platform Module (TPM) and supports the TCG's "Opal" self-encrypting drive standard. Self-encrypting drives are a growing segment of the data protection market, offering increased security and better performance than many existing software-based encryption solutions. TPMs are included on an estimated 300 million PCs and are standard equipment on many enterprise-class PCs shipping today. Using TPMs and Wave software, enterprises can substantially and cost-effectively strengthen their current security solutions. For more information about Wave and its solutions, visit http://www.wave.com.

Safe Harbor for Forward-Looking Statements This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements.

All brands are the property of their respective owners.

Company:
Wave Systems Corp.
Michael Wheeler
413-243-7026
mwheeler@wavesys.com


http://www.streetinsider.com/Press+Releases/Saint+Barnabas+Health+Care+System+Selects+Wave+to+Protect+Personal+Health+Information+on+Laptops/6271615.html

thank you

Hi,

I just wanted to see if you can elaborate on the short #s and how you come up with the percentages and what they mean

Thanks

If you go long here a year from now you will be rich

When are we going to get serious about computer/network security (Part 1)?

Posted on January 26, 2011 by halberenson

I’m going to start a little series of posts to demonstrate that “we” aren’t serious about computer and network security. By “we” I mean everyone from individual users of mobile phones and computers through to the government, telecommunications carriers, and equipment providers that together are responsible for the backbone of the Internet.

In the last 15 months two members of my family have had their notebook computers stolen. I was one of them. As it turned out my computer was owned by my employer and they mandated use of Microsoft’s BitLocker feature to encrypt the hard drive. Whenever the computer was booted you had to enter a PIN which would unlock the key needed to access the encrypted drive. Without the PIN that key remained locked away in a special chip called the Trusted Platform Module (TPM) and the hard drive could not be read. So when my notebook was stolen I didn’t worry about it. The notebook was a brick from which no one short of the NSA was going to get any of my (or my employer’s) data. Some months later a relative’s work notebook was also stolen, Unfortunately her employer didn’t mandate hard drive encryption and so both their proprietary data and her personal data had to be considered compromised. This is a common occurrence and one that has impacted me personally on a number of occasions. For example, when a notebook containing data about HP Pension Plan participants was stolen.

Now why aren’t all hard drives encrypted by default? I could blame this on Microsoft, Apple, and PC makers but that wouldn’t be completely fair. There is a combination of lack of sufficient push from the industry and lack of sufficient pull from users. The problem is that unless security is “free”, not just in financial terms but also in usability, then end-users aren’t too interested. I already described one usability issue, that you have to enter a PIN to boot your computer, and that is just the tip of the iceberg.

All encryption systems have what is known as “the key management problem”. I won’t go into all the permutations but let me give a simple example. Encryption takes place according to a key that either the user supplies or the system automatically generates. User supplied keys, like passwords, tend not to be very good because they are too short and often guessable. What you really want is a long (dozens of characters or more) randomly generated key. But of course a human being can never remember such a key, nor would they be willing to enter it every time they started up their computer. So one solution is to securely store a long randomly generated key somewhere and then have a short code to unlock the key. The TPM provides that local secure storage. But what happens if you forget the code that unlocks the key in the TPM, the TPM is damaged, or some other system failure occurs? How do you recover the data on the hard drive? Well, you need to have a recovery key stored elsewhere. In a corporate environment using Microsoft Bitlocker the keys are automatically backed up to the organization’s Domain Controller. But what does a consumer do? They have to keep a manual backup of the key, and if they lose it and then need it later the data on the hard drive is lost. I have sitting in a safe printouts of keys from a number of older computers that I used BitLocker on. First of all I don’t know which printout goes with what (no longer in my possession) computer. Second, they are locked in a safe. If my hard drive suddenly became unusable while I’m 3000 miles away I wouldn’t have been able to get the code to fix it.

But it gets worse. Because consumers don’t use features that depend on the TPM computer makers don’t include TPMs in consumer grade notebooks! So where do you store the key in the first place? Well, for BitLocker the answer is that if you don’t have a TPM you have to use a USB flash drive to store the key. Then if the USB drive isn’t attached you can’t boot the computer. I don’t know about you, but I really don’t want to have to plug a USB flash drive in every time I start my computer. Worse, I can assure you such a drive will get left in a Starbucks or on an airplane at some point in time rendering my computer unbootable.

There is another problem as well. Acquiring the PIN and the decryption key from the TPM (or other location) occurs at boot time. Once running a system is vulnerable until a reboot is required. This would seem like a small window of vulnerability except for one thing SLEEP mode. Most of us really like the near instant on capability that SLEEP provides and so our notebooks are set to SLEEP if the lid is closed or power management turns off the system. Just open the lid and you are back in business just about instantaneously! Of course, this doesn’t go through the boot sequence and thus when your sleeping notebook is stolen it is vulnerable. The solution is to change your power management settings so that instead of going to SLEEP your notebook HIBERNATEs. When a hibernating PC wakes up it does go through the boot sequence and you have to enter your pin. Unfortunately coming out of HIBERNATE will take tens of seconds to a minute or more compared to the instant on of SLEEP, and this may be unacceptable to many users.

Given the lack of TPMs in consumer grade machines, and the lack of a decent backup scheme in non-Domain environments, Microsoft leaves BitLocker out of most Windows SKUs. You have to have Windows Enterprise or Windows Ultimate to get BitLocker. Now the chicken and egg problem is complete. Most people don’t use hard drive encryption because the support doesn’t come built-in to their machine, and neither the hardware manufacturers nor OS supplier will provide it by default because users aren’t clamoring for it. The net result is that in many (if not most) cases if a notebook is stolen then the information on it is compromised. Be that the social security numbers of your employees or your own credit card numbers, it is a bad thing.

By the way, I’m not really picking on Microsoft here (other than as part of the overall group of hardware/OS suppliers). Apple doesn’t appear to offer full hard drive encryption for the Mac at all. Nor have the OEMs stood up and put alternate encryption solutions in place. Both Microsoft and Apple offer the ability to encrypt individual folder hierarchies on a hard drive, but this is far less secure than full hard drive encryption. For example although the original files might be encrypted temporary copies may be stored in areas of the hard drive outside the folder hierarchy and thus are not encrypted.

There are any number of third-party solutions available, including hard drives with built-in encryption. I recommend (and also use) TrueCrypt for machines where BitLocker isn’t feasible. It is free, so financial considerations shouldn’t keep one from using it. Key storage isn’t quite as secure as a TPM, and results in the startup PIN being a long (20-30 character) password unlike the 6-8 digits you would use with a TPM and Bitlocker. Recovery key management is similar to Bitlocker in non-Domain environments except that TrueCrypt forces you to create a recovery CD/DVD before it will encrypt the drive. The same problem thus exists, the recovery CD is sitting in a safe and likely rather inaccessible should I ever need it. But given all my critical data is stored in the cloud, I’ll take the (slight) chance of ending up with a dead machine over the pain of having my identity stolen should the notebook get stolen.

So what would happen if “we” were serious about security? All notebooks (and perhaps even desktops) would come with full hard drive encryption on by default. Supplying a PIN would be part of the initial setup. A TPM or equivalent would be included in all computers. Key backup services for consumers would be provided by Microsoft (via Skydrive for instance), other encryption provider, or the OEMs. SLEEP would invalidate the hard drive keys and waking from the sleep state would go through a process to re-acquire them, thus giving a secure (and almost as) instant-on capability.

By the way, Apple almost gets it right with the iPad. All data on an iPad is encrypted. Unfortunately, unless your organization forces it as part of your access to Exchange email, most users don’t use a passcode lock on their iPad. Or if they do, they use simple 4-digit PINs instead of complex passwords. And in either case they don’t turn on the feature to wipe the device after a number of false passwords are entered. And if they do turn it on then IOS allows too many attempts (10) before wiping the device, particularly with a 4 digit PIN. The encryption does no good without a decent passcode.

http://hal2020.com/2011/01/26/when-are-we-going-to-get-serious-about-computernetwork-security-part-1/

PricewaterhouseCoopers to Keynote Trusted Computing Group Session at RSA Conference 2011

CUNA Mutual Group, Dell, Dendreon, General Dynamics C4 Systems, National Security Agency, PricewaterhouseCoopers and Other Leading Enterprises to Talk Network Security, Authentication and Data Protection with Leading Analysts

RSA Conference 2011
PORTLAND, Ore.--(BUSINESS WIRE)--Trusted Computing Group (TCG), a worldwide open industry standards organization, today announced that Karl Wagner, director of global networking, PricewaterhouseCoopers International Limited, will address RSA Conference 2011 attendees at TCG’s seminar on Monday, Feb. 14, 11 a.m. – 3 p.m.

“Deployment Models for Your Future Network Security Solutions”
.At 11 a.m., Wagner will address challenges of data protection and authentication and relate how the company has used Trusted Platform Modules to ensure mission-critical data is safe. PwC focuses on audit and assurance, tax and advisory services concentrating on 16 key industries resolving complex issues and identifying opportunities for clients.

Steve Hanna, Juniper Networks distinguished engineer and co-chair, TCG’s Trusted Network Connect Work Group, will give a brief overview of Trusted Computing today, including TCG’s latest efforts to help secure cloud computing.

Following the keynote and demonstrations sponsored by General Dynamics C4 Systems, Infoblox, Juniper Networks, Lumeta Corporation and Wave Systems, panel sessions will engage participants and attendees in first-hand discussions of issues and challenges in securing networks, implementing data protection and using trusted systems.

Eric Ogren, the Ogren Group, will host the first panel, “Deployment Models for Your Future Network Security Solutions,” at 12:10 – 12:50 p.m. with panelists Michael Lindskov, senior manager and enterprise architect at CUNA Mutual Group, the leading provider of financial services to credit unions and their members for 75 years; and Paul Bartock, technical director for information assurance transformation, vulnerability analysis and operation group, National Security Agency. Network security and security coordination will be discussed.

Authentication and trusted systems incorporating the Trusted Platform Module will be addressed in the panel “Eliminating Risks and Cost with the TPM,” at 1:05 p.m. Roger Kay, Endpoint Technologies, will lead this panel with case studies and discussion by Information Assurance Principal Engineer Jeremy Wyant, General Dynamics, which develops and integrates secure communication and information systems and technology, and PwC’s Karl Wagner and Boudewijn Kiljan. Brian Berger, executive vice president, marketing and sales, Wave Systems, also will participate.

Following additional demonstrations of trusted systems by the sponsor companies and by TCG members Absolute Software, Byres Security, Samsung Electronics, Toshiba, WinMagic and ULink Technology, Aberdeen Group’s Derek Brink, CISSP will lead a session on data protection, “Faster, Lower Costs and Higher Assurance – the Role of Encrypted Hard Drives.” David Bowers, manager, LE client technologists at Dell; Jeff Kam, CITAM, IT Asset Manager, Dendreon Corporation; and Stan Potter, National Security Agency will talk about their challenges in protecting confidential data and available solutions, including self-encrypting drives.

To learn more about the Trusted Computing Group RSA seminar or to register, go to http://www.rsaconference.com/2011/usa/registration.htm.

The Trusted Computing Group (TCG) provides open standards that enable a safer computing environment across platforms and geographies. Benefits of Trusted Computing include protection of business-critical data and systems, secure authentication and strong protection of user identities, and the establishment of strong machine identity and network integrity. Organizations using built-in, widely available trusted hardware and applications reduce their total cost of ownership. TCG technologies also provide regulatory compliance that is based upon trustworthy hardware. More information and the organization’s specifications and work groups are available at the Trusted Computing Group’s website, www.trustedcomputinggroup.org. Follow TCG on Twitter and on LinkedIn.

Brands and trademarks are the property of their respective owners

http://www.businesswire.com/news/home/20110126005493/en/PricewaterhouseCoopers-Keynote-Trusted-Computing-Group-Session-RSA

Cloud Computing Dominates IT Priority List for 2011, Unisys Polls Show
January 26, 2011
Tags Critical ProblemsnyseUnisys

Respondents to recent online polls show cloud computing as top IT investment priority for 2011, followed by support for mobile/end-user devices

BLUE BELL, Pa., Jan. 26, 2011 /PRNewswire/ -- Investing in cloud computing – primarily private clouds – is a top priority for IT organizations for 2011, according to two online polls Unisys Corporation (NYSE: UIS) conducted on the Unisys.com website in recent weeks.

The latest Unisys poll, completed on January 24, asked people to name their organization's biggest priority for IT investment in 2011. Of the 262 respondents to the poll, 44 percent indicated that cloud computing would be their top priority. By contrast, 24 percent named support for mobile/end-user devices as their primary IT investment focus.

In addition, 17 percent of respondents cited cybersecurity as their top IT investment priority for 2011, while 15 percent said cost-cutting would be their top priority in the new year.

An earlier poll in December 2010, which drew 88 responses, asked about intentions to implement cloud computing. Eighty percent of the respondents said their organization was planning some kind of cloud, with 45 percent – the largest group – citing a private cloud. Fifteen percent said their company was focusing on a public cloud. Another 21 percent cited a focus on a hybrid cloud, which blends public and private elements.

This preference for private clouds corroborates Unisys' recently published prediction that enterprise adoption of the cloud would accelerate over the next 12 months, with private clouds initially leading the way.

"These poll results are further evidence that organizations are no longer debating whether cloud computing makes sense for their organization. They are now deciding how to get started and what type of cloud best fits their initial strategy," said Sam Gross, vice president, Global IT Outsourcing Solutions, Unisys.

About Unisys

Unisys is a worldwide information technology company. We provide a portfolio of IT services, software, and technology that solves critical problems for clients. We specialize in helping clients secure their operations, increase the efficiency and utilization of their data centers, enhance support to their end users and constituents, and modernize their enterprise applications. To provide these services and solutions, we bring together offerings and capabilities in outsourcing services, systems integration and consulting services, infrastructure services, maintenance services, and high-end server technology. With approximately 23,000 employees, Unisys serves commercial organizations and government agencies throughout the world. For more information, visit www.unisys.com.

RELEASE NO: 0126/9015

Unisys is a registered trademark of Unisys Corporation. All other brands and products referenced herein are acknowledged to be trademarks or registered trademarks of their respective holders.

SOURCE Unisys



http://www.fiercecio.com/press-releases/cloud-computing-dominates-it-priority-list-2011-unisys-polls-show

EMC Tops EPS Estimates:Trusted Cloud Computing Mention

Self-encrypted drives set to become standard fare

By Melissa J. Perenson | Jan 26, 2011

(looks like a reprint but dated today?)

We've seen this coming over time: Based on the Trusted Computing Group's standard, hard drives and solid state drives (SSD), are offering self-encryption built-in. The key difference with these next-generation encrypted drives is that these units have the encryption integrated into a single chip on drive in the drive.

Securing data storage is especially important for small businesses, due to legal specifications that require companies to report breaches, and to maintain data for long periods of time for accountability purposes.

More than 45 states have data privacy laws with encryption safe harbors. In 2008, the average cost of notification regarding a data breach was $6.65 million per incident.

That adds up fast if a flash drive with company personnel and salary data is compromised, for example. At the Storage Visions 2011 conference here in Las Vegas, another stat thrown around that's gives pause: Since 2005, over 345,124,400 records containing sensitive personal information have been involved in security breaches.

One of the advantages to the single-chip, no-software approach now in place: There's no performance degradation. It's also safer; the encryption keys are generated within the drive, so there are no keys to lose. The keys never leave the drive.

What is a self-encrypted hard drive? The drive itself protects the data, with either 128-bit or 256-bit AES keys that are stored in the drive itself.

"Technically, it's a self-protecting device," said Robert Thibadeau, senior vice president and chief scientist at Wave Systems, and a representative for the Trusted Computing Group, which oversees the technical specification for self-encrypting hard drives.

There's the media encryption key that encrypts the data, and the authentication key that is used to unlock the drive and decrypt the media encryption key. Without the authentication key, there is no media encryption key in the drive at all. You create the password, then the only way to get back onto the drive--and to the data that's on the drive--is with the password (or passwords) you set up.

Full-disk encryption can refer to software or hardware encryption, whereas self-encrypted hard drives are just hardware encryption. Microsoft coined the term full-disk encryption, but that term became confused with the encryption done by software like Bitlocker. Initially there was a premium, but at this point there's little to no premium for buying one. Every drive maker makes self-encrypting drives.

In a few years, predicts Thibadeau, you'll be buying a self-encrypting drive and you won't even realize it-because it will be so pervasive. "The encryption just works, it doesn't impact you."

Samsung just introduced at Consumer Electronics Show in the US it's a 256-bit self-encrypted series of USB 3.0 hard drives. The drives include three new external drives, in 1TB, 1.5TB, and 2TB. The drives come with Samsung's auto-backup software, and Samsung SecretZone for creating a secure virtual drive, and SafetyKey for setting up passwords and encrypted data backup. The drives are due in April; prices to be announced.

PC World (US)

http://www.cw.com.hk/content/self-encrypted-drives-set-become-standard-fare

24601


Yes that appears to be the case. What is significant IMO is that a Wave employee is beginning to put some faces on those System Integrators that Steven has been referring to for the past 12 months.

Now lets close the deals and get this "Tidal Wave" started

JD

Fullmoon


Nice article

I would love to know how the author came to this conclusion:

Other companies embracing the TPM and associated TCG standards that take advantage of the TPM include Boeing, BAE Systems, General Dynamics and Rockwell Collins.