Wave Hails Industry Standard, Declares Hardware Encryption "Ready for Prime Time"

Industry Mandate Removes Barriers for Businesses Wishing to Buy PCs with Full Disk Encryption (FDE) Drives; Support for the Trusted Computing Group’s Opal Storage Specification Incorporated into Wave’s Flagship Product

Lee, MAJanuary 27, 2009 Wave Systems Corp. (NASDAQ: WAVX) today announced its support for a new industry specification to enable stronger data protection and help organizations comply with increasingly tough regulations aimed at preventing a data breach. The first public version of the Trusted Computing Group’s Opal security subsystem storage specification was announced today, giving vendors a "blueprint" for developing self-encrypting drives that secure data. Wave has developed or is working on Opal-compliant FDE solutions with Fujitsu, Toshiba and Hitachi, along with its currently shipping FDE solution with Seagate DriveTrust™ technology.

"The industry has responded to the growing need for robust data protection with a set of standards that can drive interoperability between FDE drives and in turn advance the market for hardware-based encryption," said Steven Sprague, Wave’s CEO and president. "For businesses worried about protecting confidential data: employee social security numbers; customer credit card numbers; patient medical records; trade secrets — it only makes sense that hardware FDE drives are included every time you buy a new PC. You wouldn’t think of buying a car without air bags; don’t buy a new PC without an FDE drive. There’s never a question of whether encryption is on—it’s a ‘set it and forget it’ solution."

The use of encryption is growing rapidly in response to the escalating number of data breaches reported nationwide. The Identity Theft Resource Center recently reported a 47 percent increase in the number of data breaches in 2008 compared with the previous year; and identity theft is now the fastest growing crime in the nation, according to the U.S. Department of Justice. Recently, Massachusetts and Nevada passed tough new data protection laws for businesses mandating encryption of all personal information stored on laptops.

"Aberdeen’s research has shown that full-disk encryption reduces human error and enables consistent policies to be enforced across the organization, especially when it can be centrally managed," said Derek Brink, vice president and research fellow for IT Security, Aberdeen Group. "Given new data protection regulations such as those from Massachusetts and Nevada, and industry adoption of open standards such as Opal, adoption of full-disk encryption is simultaneously becoming more pragmatic and more cost-effective. We believe many organizations will see this as a real gift in this current time of broader compliance requirements and thinner IT budgets."

Hardware-based FDE Misconceptions Dispelled
Wave believes that open standards and more FDE choices should dispel many of the perceived drawbacks to hardware-based full disk encryption solutions.

Myth 1: Most protection schemes embedded in hardware are incomplete and available through niche offerings.  Wave is now the first ISV to announce and demonstrate robust policy management for a wide range of encryption technologies, including FDE drives from leading vendors Seagate, Hitachi, Fujitsu and Toshiba. For organizations that choose to adopt both hardware and software FDE, Wave’s flagship management solution, EMBASSY® Remote Administration Server (ERAS), now provides robust policy management for SafeNet’s award-winning ProtectDriveTM software FDE. Now businesses can roll out a single, universal policy management server that is designed to work seamlessly across heterogeneous FDE client applications.

Myth II: FDE drives are not universal solutions for all platforms and applications; businesses may not be able to integrate these systems into their plans. The Opal specification is designed to facilitate broad adoption of FDE solutions by creating an open, industry standard that offers improved interoperability across storage vendors, encryption technologies and platforms. Both PC OEMs and end-user organizations can now implement "off the shelf," factory-installed, and interoperable hardware encryption solutions.

Myth III: Enterprises will be challenged to attempt large-scale adoption of FDE drives across all of their platforms. ERAS supports native integration with existing directory structures and policy distribution mechanisms are scalable. Assigning users and associated policies within the directory framework can significantly simplify deployment. Unlike most software encryption, this integrated solution takes only minutes to configure and deploy. And because encryption is turned on "out of the box," there is generally no learning curve for the end user or IT support staff. Enterprises will also appreciate a single management server solution for streamlined administration and policy management capable of supporting both leading hardware and software FDE.

Myth IV: No hardware subsystem can stand alone as a complete solution. No software-based encryption is a complete solution unto itself, requiring policy management for keys, users and access rights. FDE hard drives provide the native encryption while ERAS provides all of the credential, key and user management that enterprises require, including secure remote data destruction.

Hardware FDE: Advanced, Industry Standard and One Management Solution
Among ISVs that offer management solutions for FDE, Wave’s unique solutions offer cross-technology support for the leading hard drive vendors.
"For the past year Wave has worked closely with us to build advanced security features into our FDE disk drive based on the TCG OPAL specifications," said David James, vice president of advanced product engineering at Fujitsu. "By combining our advanced, hardware-based encryption technology with Wave’s EMBASSY client and server software, we are able to deliver a highly secure and fully managed mobile-computing solution."

"Toshiba and Wave Systems are working closely to develop secure, interoperable hardware and software solutions that support the emerging TCG Opal-SSC specification for encrypting hard disk drives," said Maciek Brzeski, vice president of marketing at Toshiba America Information Systems, Inc. Storage Device Division. "Wave’s close involvement in the TCG community enables HDD manufacturers such as Toshiba to design stronger storage-based security features in compliance with the TCG Storage Work Group specifications."

"Hitachi is pleased to have participated in the TCG Opal effort to provide standards for data security in hard drives, which now provides the industry with a clear path for the mass adoption of hardware-based encryption," said Brendan Collins, vice president, Product Marketing, Hitachi GST. "It’s clear that the future of data protection is hardware-based; encrypted hard drives operate at media speed with no impact to the CPU and no reliance on operating system software for the security of encryption keys and access credentials. Hitachi and Wave are working together to provide a complete, managed encryption solution."  
Wave products are available through a number of PC manufacturers.

Wave Logo

About Wave Systems Corp.

Wave is a pioneer in hardware-based PC security that provides software to help solve critical enterprise PC security challenges such as data protection, strong authentication, network access control and the management of these enterprise functions.  Wave is a founding member of the Trusted Computing Group (TCG), a consortium of more than 100 companies that forged open standards for hardware security.  Wave’s EMBASSY® line of client- and server-side software leverages and manages the security functions of the TCG’s industry standard hardware security chip, the Trusted Platform Module (TPM) as well as hard drives that comply with TCG’s “Opal” self-encrypting drive (SED) standard.  Self-encrypting drives are a growing segment of the data protection market, offering increased security and better performance than most existing software-based encryption solutions.  TPMs are standard equipment on many enterprise-class PCs shipping today and have shipped on an estimated 300 million PCs worldwide.  Using TPMs and/or SEDs and Wave software, enterprises can substantially and cost-effectively strengthen their current security solutions.  Visit http://www.wave.com for more information.

Safe Harbor for Forward Looking Statements

Under the Private Securities Litigation Reform Act of 1995. This press release may contain forward-looking information within the meaning of Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company’s financing plans; (ii) trends affecting the company’s financial condition or results of operations; (iii) the company’s growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company’s ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors.

All brands are the property of their respective owners.

 

# # #
For more information please contact:

Company:
Michael Wheeler
413-243-7026
mwheeler@wave.com