Wave Systems Corp. (NASDAQ:WAVX www.wave.com) announced today that President & CEO Steven Sprague and Chief Scientist Dr. Robert Thibadeau will speak on Thursday, March 10, providing two presentations for next week's DoD Information Assurance Symposium (IAS) in Nashville, TN. Mr. Sprague will present "Trusted Computing: Advanced Concepts and Uses in the Near Future" as part of a track dedicated to Trusted Computing. Dr. Thibadeau's session will address managing endpoint security for mobile devices.
Trusted Computing offers compelling security benefits for today's global enterprises that face serious cyber threats. The technology gives organizations a new paradigm for device authentication and trusted execution, along with faster and more secure encryption based in hardware. Mr. Sprague's presentation (2:00 to 3:00 pm, at the Gaylord Opryland Hotel in Nashville, TN) will share a host of use-cases for the Trusted Platform Module (TPM), a cryptographic integrated circuit that comes standard on business-class PCs. Sprague will show how TPMs are providing additional security by safely storing keys and establishing device identity through the use of a private signing key stored within the TPM. With device identity (as opposed to only user identity), enterprises can ensure that only known PCs are permitted access to corporate networks and sensitive resources. The presentation will explore how the TPM can provide integrity management, health checks and can be used as a foundation for health measurements, which can be used for access control.
"We believe that companies can improve their security profile considerably by taking two simple steps: requiring all new PCs to have TPMs and then turning them on," Sprague said. "Securing all certificates with the TPM is a security enhancement that reduces the risk profile significantly."
Sprague's presentation will also cover advanced applications for self-encrypting drives (SEDs) that perform encryption directly in drive hardware as opposed to on a computer's processor and operating system. In addition to the security and performance benefits that SEDs offer over software encryption, Sprague will share the powerful benefits SEDs provide to virtualization deployments — where multiple "virtual" machines run on a single physical platform made possible by a component called a hypervisor.
"We'll demonstrate some of the security and performance advantages of Opal self-encrypting drives and show how easy it is to centrally manage them," Sprague added. "We'll also show some lesser known capabilities of the drives, such as the ability to create individually secured and accessed multiple partitions, each with its own operating system. This introduces the user to the concept of ‘more than one PC in my PC.' One day we may see a corporate managed image and a user managed image on one platform."
Following Sprague's presentation, Dr. Robert Thibadeau, the industry's foremost expert on self-encrypting drives, will present "Implementing and Managing Endpoint Security for Mobile Devices" from 3:30 to 4:30, focusing on the proliferation of security issues that have arisen with the expansion of the use of smartphones. As users bring sensitive information and transactions like electronic payment out of secure environments and onto cell phones, tablets, and untrustworthy networks, security must adapt and protect these new areas of vulnerability. Protecting the endpoint becomes more critical than ever.
"The challenge shifts when we move to mobile devices," commented Dr. Thibadeau. "To match this shift and maintain a trusted framework, we need to use our ingenuity and reinvent the ways we use technologies we already have, as well as explore new developments."
The symposium is hosted jointly by the National Security Agency (NSA), the Defense Information Systems Agency (DISA), and the United States Cyber Command (USCYBERCOM), as a forum to bring together the security industry's thought leaders to address the information assurance mission. IAS runs in conjunction with the Information Assurance Exposition (March 8 — 10, 2011), where Wave will exhibit (booth #630). Booth demonstrations will include: management of self-encrypting drives using Wave EMBASSY® software including support for Common Access Card (CAC); Wave for BitLocker Management; and TPM for device authentication. Advanced technology demos will show time-based access and data isolation.