Wave Systems Corp. (fka WAVXQ)

[dude_danny]

Cyber Security Awareness Tip #14: Data Encryption
10-14-2007, 09:08 PM

http://forums.pcper.com/showthread.php?t=446275
Gartner has recently begun beating the drum that FDE, alone, Ain't Good Enough. This after thoroughly trouncing F/FBE-only, for years, for inadequately protecting data.

It takes both forms of "at-rest" crypto to significantly mitigate risks of data loss/leakage.

Crypto also has to be *relatively painless* for the end-user to live/work with, otherwise there will be devastation from pilot error. Single sign-on, and, for the vast majority, integration with Windows Active Directory, will have to play a role in easing some of the burden on end users.

There is some cool stuff from Seagate (Momentus) and Wave Systems for integrating HW-based, managed FDE with Windows Authentication. It's even cooler when there's TPM 1.2 to mash/mesh with. I'm not the only one who thinks this stuff is good -- it's being fast-tracked for "Federal"-use approval, outside of FIPS.

There's also some interesting use of crypto in VMware's ACE2, which isn't your mammy's or pappy's ACE1, that integrates slickly with Windows AD -- if you're thinking about leveraging managed desktop clients.

dude_danny