Wave Systems Corp. (fka WAVXQ)

[StocWatcher]

Tying it all together

This would seem to be a perfect connection to the Dell/Wave solution considering ORC, NCI and eventually Seagate with the 5400FDE drive. This is the only case hardened hardware combination to "Get it done, and soon."

http://news.zdnet.com/2100-1009_22-6088937.html

"The U.S. government has 45 days to upgrade its security standards for protecting the data it holds on millions of U.S. citizens.

The Office of Management and Budget (OMB), which operates under the White House, sent a "Memorandum for the Heads of Departments and Agencies" (click here for PDF) on June 23 requesting the implementation of new security standards and practices concerning data.

The request comes in the wake of several embarrassing government security breaches due to losses of laptops holding sensitive information. Many of the incidents resulted in an accidental release of Social Security numbers and dates of birth--two key pieces of data used in identity theft.

Perhaps the worst breach took place May 22, when the Department of Veteran Affairs lost the personal data of 26.5 million U.S. veterans and their spouses after a laptop was stolen from the home of a government employee. Other government agencies that have recently lost sensitive data include the Federal Trade Commission, the Department of Agriculture and the Department of Energy.

The new standards include encryption for all data on notebooks and mobile devices unless it is specifically classified as "nonsensitive" in writing by a Deputy Secretary or other empowered superior. Agencies must additionally require two forms of authentication to access the information, such as a password and key card system.

Government employees must also employ "time-outs" that require the user to re-authenticate every 30 minutes for both remote access and mobile devices. All data downloads must be logged, and sensitive data may remain on a laptop or handheld for a maximum of 90 days, unless specifically permitted for a longer period. The memo includes a list of guidelines from the National Institutes of Standards and Technology (NIST) on protecting information.

While the new procedures are presented as a "recommendation" from the OMB, Deputy Director Clay Johnson III adds that the office will be sending government inspectors to see that the request is properly and promptly carried out. The OMB has provided a flowchart illustrating the steps it would like agencies to take, in addition to procedural lists.

"Most departments and agencies have these measures already in place," Johnson said in the memo. "We intend to work with the Inspectors General community to review these items as well as the checklist to ensure we are properly safeguarding the information the American taxpayer has entrusted to us. Please ensure these safeguards have been reviewed and are in place within the next 45 days."

In less bureaucratic terms, the sentiment seems to be: Get it done, and soon.

Data loss has been a point of contention in the private sector as well. Many companies, or their affiliates, have lost customers' personal data. In June, approximately 243,000 Hotels.com customers were put at risk via an Ernst & Young laptop loss, and 1.3 million Texas Guaranteed Student Loan company customers had their data exposed.

In March, data on 200,000 Hewlett-Packard employees was affected by a loss. Ohio University and the University of Southern California have also recently experienced breaches of information."

****************************************************************


NCI/ORC

the government purchase platform has been established.

http://www.wavesys.com/news/press_archive/06/060314_Q4WAVX.html

"NCI Information Systems, Inc. : In December Wave teamed with NCI Information Systems in connection with a contract awarded by the United States Army Information Systems Engineering Command (USAISEC) to NCI to provide information systems engineering and information technology support to the USAISEC, and other federal agencies worldwide. The terms upon which Wave will participate in the project are subject to the completion of one or more subcontracts to be entered into between Wave and NCI.

Operational Research Consultants, Inc.: In January, Wave teamed with Operational Research Consultants, Inc. (ORC) in connection with the first Blanket Purchase Agreement award issued under the new U.S. General Services Administration "Authentication Products and Services" Category Special Item No. 160 32, part of existing IT Schedule 70 (the "ORC ACES BPA"). The terms upon which Wave will participate in the project are subject to the completion of a subcontract to be entered into between Wave and ORC."

Dell is the largest supplier of government computer systems and, to my knowledge, the only one currently able to supply interoperable networked hardware security.(I'm sure I will be corrected if this is not the case.)

Seagate

http://www.seagate.com/docs/pdf/marketing/po_momentus_5400_fde_bb.pdf

I would not be a bit surprised to see a mandate, similar to that of the U.S. Army, that all future laptops dealing with sensitive government and corporate data be TPM and (as soon as Seagate can supply the volume) FDE equipped. Wave is currently the interoperable "glue" holding it together. the motivating force, as always, with be financial. From a legal stand point, it will be far less costly to incorporate thse security features than not.

http://www.commongroundcommonsense.org/forums/lofiversion/index.php/t57015.html

"WASHINGTON (AP) -- A coalition of veterans' groups charged in a lawsuit Tuesday that their privacy rights were violated after thieves stole personal data on 26.5 million military personnel from a Veterans Affairs employee.

The class-action lawsuit against the federal government, filed in U.S. District Court in Washington, is the second suit since the VA disclosed the May 3 burglary two weeks ago.

It demands that the VA fully disclose which military personnel are affected by the data theft and seeks $1,000 in damages to each person -- up to $26.5 billion total. The veterans are also asking for a court order barring VA employees from using sensitive data until independent experts determine proper safeguards.

Army - out in front

http://www.wavesys.com/news/press_archive/06/060206_WAVX.html

"The new published Army specification details a requirement for desktop and laptop personal computers to be equipped with new open security chip hardware called the Trusted Platform Module (TPM). The TPM provides a very low cost hardware security solution that can be used to enhance the security and integrity of the computer."

This could be an explosive combination if Wave can hold on just a bit longer! (of course IMO)


Stoc