Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved.

Published byLauryn Kershaw Modified over 10 years ago

Similar presentations

Presentation on theme: "Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved."— Presentation transcript:

1 Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved.

2 Threats and liability have increased © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Security technologies Enterprise Network Threats Liability Security Technology Client Server Distributed Computing Hackers Viruses PasswordToken/SmartCard Software FDE DLP 199020002010Future kept pace have not HIPAA FERPA EU Directive SOX PIPEDA (CA) Notice of Breach

3 Threats and liability have increased © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Security technologies Enterprise Network Threats Liability Security Technology Client Server Distributed Computing Global Networks Hackers VirusesMalwareAdvanced Persistent Threats (APT) PasswordToken/SmartCard Software FDE DLP TPM 199020002010Future kept pace have not Encrypting Drive HIPAA FERPA EU Directive SOX PIPEDA (CA) Notice of Breach PCI FFIEC HITECH NERC FED Regs State/Local Regs

4 52% of N.A. large enterprises had lost confidential data through removable media such as USB Drives in the past 2 years (Forrester) Over 60% of confidential data resides at the Endpoint (IDC) 87% think their organizations are at risk of attack via a mobile security lapse. (Deloitte 2011 Poll of US Business Executives) Business travelers in the U.S., Europe and United Arab Emirates lose or misplace more than 16,000 laptops per week.(Ponemon Institute). More than one third (36%) of US companies surveyed say their business was impacted by the exposure of sensitive or embarrassing information in the last 12 months. (Osterman Research 2010) Did you know…

5 Data Leakage and Targeted Attacks A Clear and Present Danger

6 What is your security plan? © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Insanity: Doing the same thing and expecting a different result.

7 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Security should be this easy Makes on-going security decisions easier. Solves todays challenges and tomorrows. Is an integral part of the systems you buy. Allows for plug-n-play choices (universal). Operates seamlessly and transparently Covers devices, data and applications Delivers comprehensive centralized control Provides the knowledge to prove information is protected. Cost-effective, transparent and hassle-free The ideal security solution

8 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Trusted Computing Group Founded in 2003 - currently137 Member Organizations Standardized by Trusted Computing Group Created by industry experts

9 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Framework to solve security challenges Mobile Phones Authentication Storage Applications Software Stack Operating Systems Web Services Authentication Data Protection Infrastructure Servers Desktops & Notebooks Security Hardware Network Security Printers & Hardcopy Virtualized Platform

10 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. NSA Trusted Computing Conference 2010 – 375 attendees; 40 vendors 2011 – 620 attendees; 60 vendors September 2012 - ??

11 application layer software FDE integration with OS Microsoft BitLocker hardware integration Self Encrypting Drives Encryption solutions have evolved Better integration means better security © 2011 Wave Systems Corp. Confidential. All Rights Reserved.

12 Self Encrypting Drives: the technical basics © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Opal Self Encrypting Drives (SED) were introduced in 2009 SEDs have their own processor and RAM – making them impervious to software attack. Encryption keys are stored in the drive controller chip and never leave. Always-on AES encryption means all of the data is protected all of the time. Drive-level verification blocks all read/write functions until the user is verified. Support SATA interfaces and are FIPS 140-2 certified. Available in spinning disks or solid state. A wide selection from Hitachi, Micron, Samsung and Seagate Seagate has shipped over 1M drives Dell, HP and Lenovo sell at little to no added cost

13 SEDs have zero impact on performance © 2011 Wave Systems Corp. Confidential. All Rights Reserved. 1 Trusted Strategies LLC, "FDE Performance Comparison, Hardware versus Software Full Drive Encryption" February 9, 2010

14 SED encryption is virtually instantaneous © 2011 Wave Systems Corp. Confidential. All Rights Reserved. 1 Trusted Strategies LLC, "FDE Performance Comparison, Hardware versus Software Full Drive Encryption" February 9, 2010

15 SEDs offer big savings Processor: I5 2.5GHz to 2.6GHz Memory: 2GB to 4GB

16 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. SED Case Study: Big 3 US Automaker 100,000 + end users with various backgrounds and technical skill sets Very complex and global infrastructure. Needed for a single solution that was hassle free and low cost Attempted software FDE but could only deploy about 4500 platforms over 3 years – high costs and failure rates SED Pilot phase – 45 days and 250 users Deployed about 100,000 SEDs over a 2 year period

17 Passwords can be easily guessed or stolen Software certificate private keys can be readily and unknowingly exported with jailbreak RSA tokens have been shown to be vulnerable to attack Consider: additional layers of device security + = The status quo is no longer good enough © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Data Encryption Known Users Known Devices + REAL SECURITY

18 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Trusted Platform Module: the technical basics. © 2011 Wave Systems Corp. Confidential. All Rights Reserved. The Trusted Platform Module (TPM) was introduced in 2003. Today over 500 million systems have TPMs. Creates and protects secrets. Inherently secure against brute force attacks. Establishes chain of trust for keys and credentials. Supports PKI X.509 digital certificates. Performs digital signature operations. Securely measures, stores and reports on integrity metrics. Holds platform measurements (hashes). Its already in every computer you own!

19 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Devices are a proven foundation for network security Mobile phones, cable and satellite boxes Billions of devices connect directly to todays sophisticated global networks Eliminates the risk of unknown devices infecting the network with viruses. Strengthens user authentication by providing a second factor – the device. Security you already own and have deployed across your entire organization.

20 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. TPM Case Study: PricewaterhouseCoopers (PwC) Security footprint: 150,000 employees, across 850 locations in 142 countries Concerned about non-authorized users on the network. The use of TPM proved successful in mitigating Jailbreak risk. Virtually all of PwCs computers had TPMs. TPM-based certificates for VPN and WiFi access Cost analysis found that smartcards were at least 2X TPM and USB tokens were 3X TPM. 85,000 seats into their rollout TCG standards can be implemented in small, manageable steps without changing the current infrastructure

21 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. TPM Case Study: PwC You may find your organization is in a similar situation to PwC, which may lead you to use TPM for strong authentication. - Karl Wagner, PwC Director, Global IT

22 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Choose Trusted Computing How can I get started today? Add self-encrypting drives to all new laptop orders If using BitLocker, ensure TPMs are used for BL key protection and they are managed Protect your VPN and WiFi software certificates with the TPM Restrict network access to only known devices Consider platform integrity to defend against APTs Question your vendors about their plans for delivering provable security Ask us how

23 877-228-WAVE sales@wavesys.com www.wave.com Visit our web site for case studies and white papers. © 2011 Wave Systems Corp. Confidential. All Rights Reserved.

Download ppt "Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved."

Similar presentations

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary December 2010 Irvine, CA – PWG Meeting Ira McDonald (High.

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary December 2010 Irvine, CA – PWG Meeting Ira McDonald (High.
1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary and IDS WG TCG Activity Summary August 2010 Bagsvaerd, Denmark – PWG Meeting.

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary and IDS WG TCG Activity Summary August 2010 Bagsvaerd, Denmark – PWG Meeting.
1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary 10 June 2010 Rochester, NY – PWG F2F Meeting Ira McDonald.

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary 10 June 2010 Rochester, NY – PWG F2F Meeting Ira McDonald.
1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary 7 April 2010 Camas, WA – PWG F2F Meeting Ira McDonald (High.

1Copyright © 2010, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary 7 April 2010 Camas, WA – PWG F2F Meeting Ira McDonald (High.
1Copyright © 2011, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary May 2011 Webster, NY – PWG Meeting Ira McDonald (High North.

1Copyright © 2011, Printer Working Group. All rights reserved. PWG Plenary TCG Activity Summary May 2011 Webster, NY – PWG Meeting Ira McDonald (High North.
© Copyright 1998-2001 International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.

© Copyright International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.
©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals Visions for 2010 Anna Russell & Andy Clark.

©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals Visions for 2010 Anna Russell & Andy Clark.
SDS Rv1 0411 Confidential.

SDS Rv Confidential.
©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey

©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
Security for Mobile Devices

Security for Mobile Devices
Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
> THIS IS THE WAY > THIS IS. The Virtual Enterprise Distributed Workforce Increasing Mobility Demanding Customers Hungry Competitors Budget Crunch The.

> THIS IS THE WAY > THIS IS. The Virtual Enterprise Distributed Workforce Increasing Mobility Demanding Customers Hungry Competitors Budget Crunch The.
© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.

© 2012 All rights reserved to Ceedo. Flexible Desktops. Dynamic Workplace. Ceedo Client Offerings For Service Providers Ceedo Client Workspace Virtualization.
Fujitsu Siemens Computers at a glance Georgios Nikolopoulos Sales Manager November 2008.

Fujitsu Siemens Computers at a glance Georgios Nikolopoulos Sales Manager November 2008.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.

A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.
EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.

EToken PRO Anywhere. Agenda  eToken PRO Anywhere Overview  Market background and target markets  Identifying the opportunity  Implementation and Pricing.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Similar presentations

Ads by Google