Wave Systems Corp. (fka WAVXQ)

[Genz2]

Can They See You Now?

Remote Working Requires a Security-First Approach Against Cyberattacks —

https://www.isemag.com/2021/07/telecom-2021-cybersecurity-best-practices-remote-work/

Excerpts:

The Role of Trusted Computing

It is crucial that a security-by-design approach is followed to guarantee a device remains protected throughout its whole life cycle. If security is left as an afterthought by developers or manufacturers, products present a vulnerable access point for hackers to intercept large amounts of data for a prolonged period of time. It is therefore critical that each device plays its own role in safeguarding the entire network by being able to report its integrity and protect its own hardware and software.

Trusted Computing should be utilized to ensure a multi-layered security safeguard against the growing sophistication of cyberthreats. Ensuring trustworthiness of devices, device identity, and security validity, Trusted Computing has a key role to play. For example, the Trusted Platform Module (TPM) is a hardware-based root of trust which, when implemented, creates a secure way of being able to examine the authenticity and integrity of a device and its firmware. The capabilities of the TPM, including run time integrity measurements and private encryption keys, can also be used to protect data from unauthorized users.

Global technology standards and specifications are also incredibly important, as they ensure organizations have the required tools to protect against cyberattacks. A great example of this is the European Telecommunications Standards Institute (ETSI) and their Cyber Security for Consumer Internet of Things: Baseline Requirements. This standard offers the best practice in security for the whole ecosystem of embedded technology and Internet-connected devices, and its recommendations are essential to create a solid foundation that protects against attacks. ETSI’s standard is intended to be complemented by other, more specific, standards, such as the principles and technologies set out by Trusted Computing Group (TCG). It relies on the Device Identifier Composition Engine (DICE) architecture, which combines hardware and software to begin a device boot sequence following the compromise of a device or system.

The DICE capability is utilized as a Root of Trust to perform attestation, authentication, and certification, of the software, regardless of whether a TPM is present or not. DICE works by sorting the boot into different layers and using the Unique Device Secret to form secrets that are unique to each configuration or layer. Each layer uses its unique secret to derive keys that can be used to protect data or report integrity information. As the software and configuration measurements are used to calculate the secrets, they are different whenever a software or configuration change takes place. If malware does get installed on a device, when the boot happens, the malware measurements will be different from the previous software, and the malware will not have access to the previous secrets. In the case of a vulnerability happening, patches can be installed which automatically generate new secrets for the patched layer, and for later ones too.

Other technologies can also be implemented to offer strong attestation of firmware and security, device identify, and secure deployment of software updates. They should be utilized by developers and manufacturers to add additional levels of security, and to ensure that all devices are kept protected.
=================================================================
Better security at less than half the cost!!!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE