Replies to post #239960 on Wave Systems Corp. (fka WAVXQ)

[wavedreamer]

Blue,

Love the way you write BTW.

"Yet, the company saying it can stop it, is ignored or rejected time after time."

Why does the NSA want the DOD to use TPM's in all devices on their network and yet the NSA will allow it when they say it's appropriate?

Why is Fido building the TPM into their security framework and there is still work to be done?

Why are standards committees still in the approval stages of SED's/TPM's/TEE etc.

Why does Intel still build the TPM into their chips sets?

Why does Microsoft use the TPM in their products while they have their products in for evealuation at FIPS and the NIAP?

Why is the CESG certifying SED's and various companies products that can manage SED's?

Sooooooooo many questions and no answers:)

Do some digging:)

[RootOfTrust]

You keep claiming "no sales" although you have conceded there is in fact some revenue...after all $3.4m billings does show something is being sold. Safend might be $1.4m plus $2m for Embassy products so it's not like it's zero. Granted, it's been declining mostly in the face of Dell going to zero and Embassy not scaling up (primarily because of the time consuming transition to large customer TPM-based sales).

Here is a recent 1000+ seat ERAS for SEDs case study recently put up on the website:

http://www.wave.com/case-study-vpv-versicherungen

The TPM solutions market has been a historical challenge. First, you had an inept CEO who failed to build a deployable solution. Actually part of that challenge in the beginning (before customers reached today's 100% TPMs on their machines) was developing a soft certificate solution for non-TPM machines (doable), like this little company below which btw shows a mere $4m annual revenues (25% of Wave's) according to one estimate. It was also difficult to remotely activate TPMs on Win XP machines without remote BIOS access though this too was solvable for Wave imo with the correct focus.

http://www.css-security.com/

http://www.css-security.com/about-us/our-team/leadership/

http://www.css-security.com/wp-content/uploads/2014/10/CMS-4.0-datasheet_Enterprise_P_10.29.14.pdf

http://www.manta.com/c/mmjzxy7/certified-security-solutions-inc?ftoggle-frontend-prod-on=abTests.revenue.test_10312014_control&utm_expid=82789632-25.oHnsZFf0S6aL6ZTTV65kcg.1&utm_referrer=https%3A%2F%2Fwww.google.com%2F

Second, was building a deployable solution (VSC 2.0) and the lag time it takes to get pilots deployed and the pilots converted to orders. Btw certificate-based authentication is still not widely deployed in the enterprise so one of the challenges in building VSC 2.0 is to make the implementation of certificates and their management transparent to the customer's deployment.

It's encouraging to see the interest in Wave's TPM-based VSC solution as evidenced by the growing scale of pilot deployments. It's possible the solution has required ongoing tweaking and enhancing to provide the level of transparent certificate deployment and management referenced above and that this is causing further delays for some customers. We'll see.

For many years there was never any langauge relating to the use of certificates in describing a Wave TPM solution. Finally we see it:

A sample enterprise scenario begins with the deployment team determining initial use and rollout schedule. In this case, they have determined that they will use VSC for Windows Logon, DirectAccess, and Office 365 access. Using Wave’s EMBASSY Remote Administration Server (ERAS) Management Console and VSC Deployment Tool, the agent software is deployed to the target machines. By using a certificate authority, system and user certificates are added to the certificate store, and additional capabilities are added as needed (e.g. Virtual Desktop) during the IT lifecycle.

https://www.wave.com/white-paper-enhancing-organizational-security-through-virtual-smart-cards