Mr. Steven K. Sprague President and CEO Wave Systems Corp. www.wave.com Nasdaq: WAVX
SecurityStockWatch.com: Thank you for joining us today, Steven. Much has happened with WAVX during the past year: revenues are up, the stock is up and the list of impressive partners working with you keeps growing. Please give us an overview of Wave Systems’ solutions and provide us with some background on the company.
Steven K. Sprague : Wave Systems is the leading provider of client and server software for hardware-based security on personal computers. We’re traded on the NASDAQ Capital Market Exchange under the symbol WAVX, and today we have about 100 employees worldwide.
Our business is based on providing the tools for the world to leverage the new hardware-based security solutions shipping on most PCs. Hardware security can mean different things, but in our world it revolves around a security chip called the Trusted Platform Module or TPM. The PC industry has spent ten years developing this hardware security chip to address the obvious security problems inherent in software products.
TPMs ship with virtually every business-class laptop and most enterprise desktops. These chips change the PC security paradigm, acting as a strongly protected system for securely generating and storing encryption keys. Since the TPM provides advanced security for keys and is invulnerable to both network and software attacks, the TPM chip can authenticate hardware devices. Therefore, an organization that turns on the TPM chips on its laptops can restrict all but “known” PCs to its network. That’s a simple, yet very powerful step to increase network security. The TPM can perform a host of other functions, too, from encrypting individual files to storing passwords, digital certificates and cryptographic keys. These chips can also perform a function called “remote attestation,” creating an unalterable summary of the hardware, boot and operating system’s configuration so that a third party can verify the state of the software to determine if it can be ‘trusted’ and that it has not been tampered with. Because information and functions occur within the security chip, it is far more secure from external software attacks and physical theft than other methods.
TPM chips have been shipping from major PC OEMs for several years, but today we’re fast approaching a “tipping point” for their adoption. Now that 300 million PCs with TPMs have shipped—and the number grows each day—a substantial market opportunity has been formed, and Wave is in a leadership position to take advantage of it. With embedded TPM chips and Wave’s EMBASSY® software, organizations of any size have the ability to easily deploy, manage and initialize these chips, establishing both policy and key management. Doing so will dramatically improve security today on a very cost-effective basis.
SecurityStockWatch.com: Thank you, Steven, for that comprehensive overview. How else does Wave support hardware security?
Steven K. Sprague : Full disk encryption, or FDE, is the preferred mechanism for protecting sensitive data on a PC. This technology lets IT encrypt the entire hard drive so that sensitive data is always protected, no matter where it resides. In this way, it’s a more foolproof solution than encrypting only an individual folder on an employee’s laptop. Until only fairly recently, the sole option on the market was software-based FDE. Software FDE certainly has its role, but it’s not without problems. It can be expensive to deploy and it slows down processing speeds. It also involves additional licensing fees and ongoing support from IT. Perhaps more concerning is that it has been shown to be vulnerable to the highly publicized “cold boot” memory attacks. Using this attack, a determined hacker can steal encryption keys stored in the system’s memory in “sleep mode,” even though software FDE was operating. A more secure solution is new hardware-based FDE deployed in what are known as self-encrypting drives. Seagate was the first to offer these drives in early 2007. Today, most of the major drive vendors offer self-encrypting drives (SED), including Hitachi, Toshiba, Fujitsu and Samsung. The Seagate and Samsung drives are available through Dell today, with the other vendors making their SEDs commercially available in the coming months. Bringing even more functional benefits is a new line of solid-state self-encrypting drives – using flash memory - that deliver substantial performance, size and weight improvements over conventional SEDs.
Here’s a little insight into how the drives work. Essentially, the encryption takes place inside the disk itself. Every single “bit” that the user “sends down the wire” is encrypted before it’s written to the “platters.” As a result, if you were to take apart one of these drives, the data would be encrypted at all times. Further, the encryption keys are always protected in hardware and therefore aren’t vulnerable to the “cold boot” memory attacks as is software FDE. This is truly “game changing” technology that can allow enterprises and consumers to know that their data and applications are constantly protected. So where does Wave fit in? Our EMBASSY software—yes, the same software that deploys and manages TPM chips—also supports the function of these self-encrypting drives, including providing “pre-boot” authentication to the PC, setting up security policies or centrally managing all the drives in the enterprise. We teamed up early on with the leading drive vendors and were vocal advocates behind the new Opal secure storage standard published by the Trusted Computing Group. Opal specifications provided a single framework for the design and function of self-encrypting drives. As the only vendor that supports all the drives on the market, and those soon to be made available, we feel Wave has a significant advantage. Also, I would reinforce our strong partnership with Dell as it relates to these drives. Today, when you buy a Seagate or Samsung FDE drive as an option on Latitude or Precision models, Dell bundles our client software with every drive, with Wave receiving an attractive per-unit bundling fee. Moving forward, encryption will just become a factory-integrated solution from the PC OEMs, not an aftermarket software add-on.
With all the reports of data breaches, there’s never been a stronger demand for encryption. Our figures show that self-encrypting drive volume is growing almost 100 percent per quarter in unit volume. With only 1 to 2 percent of the new laptops being supplied with SED drives, there is plenty of room for growth.In fact, the Gartner Group recommends that every laptop should include full disk encryption as a standard feature. I’m proud of our position as a market leader in this category with the best software solution out there for SED drives. Information Week, one of the most widely read media outlets for IT security, published an article in September on the evolution of hardware FDE. It is a good read for those trying to understand this space and Wave’s position. It’s available at http://www.informationweek.com.
We feel that our broad compatibility and “first mover” presence are significant advantages for us as the value of FDE drives is reinforced on an almost daily basis with the growing number of data protection regulations. And because our software was designed from “day one” to work with hardware, we don’t have to worry about any of the vulnerabilities that others have who adapted software applications to work with hardware.
SecurityStockWatch.com: Any recent developments you can discuss?
Steven K. Sprague: : In September, we showcased the most advanced management solution for self-encrypting drives in the enterprise at the Intel Developer Forum in Las Vegas. We demonstrated how our EMBASSY client and server software, used in conjunction with Intel’s new vPro technology on select Centrino chipsets, can dramatically streamline the deployment and management of SED drives. Intel vPro features built-in capabilities that enable IT to “discover” and turn on a PC remotely and our software enhances this capability, securing a remote conversation with a PC, even if it’s powered off. We’re very excited about this development and our strong partnership with the world’s leading chipmaker.
In September, we announced our support and involvement in a pilot open identity initiative for the government, Open Identity for Open Government. Wave joined Yahoo! PayPal, Google, AOL, Citi as digital identity providers offering solutions based on OpenID and Information Card technologies. Under the pilot, visitors to the Center for Information Technology, National Institutes of Health and the U.S. Department of Health and Human Services will be able to register and participate in government websites without having to create new usernames and passwords.
Wave has been developing a service—still in the beta stage—which brings strong, second-factor authentication security to OpenID. By integrating this service with the industry standard Trusted Platform Module (TPM) security chip on individual PCs, user names are replaced by unique, user-protected digital certificates for stronger, multi-factor authentication between the user and service providers—ensuring secure digital identities across the Web. This integration with the TPM also provides easier management for small- and medium-sized businesses whose employees’ access government websites.
SecurityStockWatch.com: What can you say about your customer base?
Steven K. Sprague: Wave sells our products to both PC OEMs and enterprises. Today, our largest PC OEM customer is Dell. Last year we also partnered with Acer, the world’s third-largest PC vendor, which has elected to bundle our client software on several PC models and helped us greatly expand our penetration into Asia. Even though this has been a tough year for the PC industry, we’ve been able to substantially grow our OEM revenue and our software footprint through the distribution per quarter of four to five million copies of our software.
Wave also sells our products to enterprise organizations. We’re seeing substantial growth in the adoption of our EMBASSY Remote Administration Server or ERAS, across all the major industry verticals: healthcare, financial services, education, manufacturing and government. ERAS is our flagship server software for the remote deployment of both SED drives and TPMs. In addition to selling to the government, we’ve also furnished security consulting services to government agencies.
Across the board, we’ve assembled a strong base of OEM partners who are bundling our software with PCs and drives while we are building a growing base of enterprise customers. These enterprises continue to add to the number of licensed seats for our software and every month new customers are arriving. Enterprise software sales are a long term source of growth for Wave. The industry clearly requires the stronger security that hardware provides. As the world begins to transition to hardware-based security for authentication and data protection, Wave is in a great position to profit from the growth of this emerging market in the coming quarters.
News 
Market Data 
Discover 
AI
