Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved.

Similar presentations


Presentation on theme: "Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved."— Presentation transcript:

1 Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved.

2 Threats and liability have increased © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Security technologies Enterprise Network Threats Liability Security Technology Client Server Distributed Computing Hackers Viruses PasswordToken/SmartCard Software FDE DLP Future kept pace have not HIPAA FERPA EU Directive SOX PIPEDA (CA) Notice of Breach

3 Threats and liability have increased © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Security technologies Enterprise Network Threats Liability Security Technology Client Server Distributed Computing Global Networks Hackers VirusesMalwareAdvanced Persistent Threats (APT) PasswordToken/SmartCard Software FDE DLP TPM Future kept pace have not Encrypting Drive HIPAA FERPA EU Directive SOX PIPEDA (CA) Notice of Breach PCI FFIEC HITECH NERC FED Regs State/Local Regs

4 52% of N.A. large enterprises had lost confidential data through removable media such as USB Drives in the past 2 years (Forrester) Over 60% of confidential data resides at the Endpoint (IDC) 87% think their organizations are at risk of attack via a mobile security lapse. (Deloitte 2011 Poll of US Business Executives) Business travelers in the U.S., Europe and United Arab Emirates lose or misplace more than 16,000 laptops per week.(Ponemon Institute). More than one third (36%) of US companies surveyed say their business was impacted by the exposure of sensitive or embarrassing information in the last 12 months. (Osterman Research 2010) Did you know…

5 Data Leakage and Targeted Attacks A Clear and Present Danger

6 What is your security plan? © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Insanity: Doing the same thing and expecting a different result.

7 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Security should be this easy Makes on-going security decisions easier. Solves todays challenges and tomorrows. Is an integral part of the systems you buy. Allows for plug-n-play choices (universal). Operates seamlessly and transparently Covers devices, data and applications Delivers comprehensive centralized control Provides the knowledge to prove information is protected. Cost-effective, transparent and hassle-free The ideal security solution

8 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Trusted Computing Group Founded in currently137 Member Organizations Standardized by Trusted Computing Group Created by industry experts

9 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Framework to solve security challenges Mobile Phones Authentication Storage Applications Software Stack Operating Systems Web Services Authentication Data Protection Infrastructure Servers Desktops & Notebooks Security Hardware Network Security Printers & Hardcopy Virtualized Platform

10 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. NSA Trusted Computing Conference 2010 – 375 attendees; 40 vendors 2011 – 620 attendees; 60 vendors September ??

11 application layer software FDE integration with OS Microsoft BitLocker hardware integration Self Encrypting Drives Encryption solutions have evolved Better integration means better security © 2011 Wave Systems Corp. Confidential. All Rights Reserved.

12 Self Encrypting Drives: the technical basics © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Opal Self Encrypting Drives (SED) were introduced in 2009 SEDs have their own processor and RAM – making them impervious to software attack. Encryption keys are stored in the drive controller chip and never leave. Always-on AES encryption means all of the data is protected all of the time. Drive-level verification blocks all read/write functions until the user is verified. Support SATA interfaces and are FIPS certified. Available in spinning disks or solid state. A wide selection from Hitachi, Micron, Samsung and Seagate Seagate has shipped over 1M drives Dell, HP and Lenovo sell at little to no added cost

13 SEDs have zero impact on performance © 2011 Wave Systems Corp. Confidential. All Rights Reserved. 1 Trusted Strategies LLC, "FDE Performance Comparison, Hardware versus Software Full Drive Encryption" February 9, 2010

14 SED encryption is virtually instantaneous © 2011 Wave Systems Corp. Confidential. All Rights Reserved. 1 Trusted Strategies LLC, "FDE Performance Comparison, Hardware versus Software Full Drive Encryption" February 9, 2010

15 SEDs offer big savings Processor: I5 2.5GHz to 2.6GHz Memory: 2GB to 4GB

16 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. SED Case Study: Big 3 US Automaker 100,000 + end users with various backgrounds and technical skill sets Very complex and global infrastructure. Needed for a single solution that was hassle free and low cost Attempted software FDE but could only deploy about 4500 platforms over 3 years – high costs and failure rates SED Pilot phase – 45 days and 250 users Deployed about 100,000 SEDs over a 2 year period

17 Passwords can be easily guessed or stolen Software certificate private keys can be readily and unknowingly exported with jailbreak RSA tokens have been shown to be vulnerable to attack Consider: additional layers of device security + = The status quo is no longer good enough © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Data Encryption Known Users Known Devices + REAL SECURITY

18 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Trusted Platform Module: the technical basics. © 2011 Wave Systems Corp. Confidential. All Rights Reserved. The Trusted Platform Module (TPM) was introduced in Today over 500 million systems have TPMs. Creates and protects secrets. Inherently secure against brute force attacks. Establishes chain of trust for keys and credentials. Supports PKI X.509 digital certificates. Performs digital signature operations. Securely measures, stores and reports on integrity metrics. Holds platform measurements (hashes). Its already in every computer you own!

19 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Devices are a proven foundation for network security Mobile phones, cable and satellite boxes Billions of devices connect directly to todays sophisticated global networks Eliminates the risk of unknown devices infecting the network with viruses. Strengthens user authentication by providing a second factor – the device. Security you already own and have deployed across your entire organization.

20 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. TPM Case Study: PricewaterhouseCoopers (PwC) Security footprint: 150,000 employees, across 850 locations in 142 countries Concerned about non-authorized users on the network. The use of TPM proved successful in mitigating Jailbreak risk. Virtually all of PwCs computers had TPMs. TPM-based certificates for VPN and WiFi access Cost analysis found that smartcards were at least 2X TPM and USB tokens were 3X TPM. 85,000 seats into their rollout TCG standards can be implemented in small, manageable steps without changing the current infrastructure

21 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. TPM Case Study: PwC You may find your organization is in a similar situation to PwC, which may lead you to use TPM for strong authentication. - Karl Wagner, PwC Director, Global IT

22 © 2011 Wave Systems Corp. Confidential. All Rights Reserved. Choose Trusted Computing How can I get started today? Add self-encrypting drives to all new laptop orders If using BitLocker, ensure TPMs are used for BL key protection and they are managed Protect your VPN and WiFi software certificates with the TPM Restrict network access to only known devices Consider platform integrity to defend against APTs Question your vendors about their plans for delivering provable security Ask us how

23 WAVE Visit our web site for case studies and white papers. © 2011 Wave Systems Corp. Confidential. All Rights Reserved.


Download ppt "Trusted Computing a better alternative! © 2011 Wave Systems Corp. Confidential. All Rights Reserved."

Similar presentations


Ads by Google