Guidance for Organizations Concerned with the Vulnerability of Authentication Tokens

Time to Turn on the Added Protection that You Already Have

Lee, MA June 2, 2011Amidst media reports that the nation’s largest defense contractor experienced a network intrusion last week allegedly involving the use of RSA SecurID® tokens, organizations using tokens should consider additional measures for safeguarding their information and securing their network infrastructure. Incorporating device identification as a second layer of defense can help to thwart future cyber attacks, according to officials at Wave Systems Corp. (NASDAQ: WAVX).

“The Lockheed Martin breach has been a wake-up call for CSOs and CIOs, as this type of breach is a risk for any organization with the same vulnerability,” commented Steven Sprague, CEO of Wave Systems, a leading provider of Trusted Computing solutions. “Security in today’s IT infrastructure is more about layers than any single point of defense. We believe that organizations should add device identity as an independently managed layer for network access control, where only known devices—those authorized by the organization—are granted access to information and sensitive resources.  This is device-based security.”

Top Reasons Why device Identification Should Be Central To Your Security

TPM Uniquely Suited for Device Identification
Traditional approaches to device identification center on using MAC addresses and user credentials in software to identify a device on the network. But this is subject to security vulnerabilities since MAC addresses and software-based user credentials can be spoofed, so another device can claim the same MAC address, for instance.

 A better approach for device identification is through the use of the Trusted Platform Module (TPM). The TPM is a cryptographic security chip developed using a specification from the Trusted Computing Group (TCG). Among its many security features, the TPM has the ability to create, sign and store keys, which can be used to provide strong binding of machines and users to the device. Because the authentication keys are stored and protected within the hardware, they cannot be changed or stolen by malware. Benefits of the TPM include: persistent protection of identity information (keys); broad deployment (nearly half a billion TPMs have already shipped on PCs); and a low total cost of ownership, as there is no additional hardware to acquire or deploy.

One of the biggest hurdles preventing more widespread usage of the TPM has been a relative lack of awareness. But this is beginning to change. Consider:

Wave has assembled a number of partners that can help enterprises leverage the TPM as part of its network security. Leveraging this already-deployed hardware security can supplement existing systems in a cost-effective and seamless manner. For more information, call (877) 228-WAVE or see the following link for additional information, resources and ways Wave can help:

Wave Logo

About Wave Systems Corp.

Wave Systems Corp. (NASDAQ: WAVX) reduces the complexity, cost and uncertainty of data protection by starting inside the device.  Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the hardware security capabilities built directly into endpoint computing platforms themselves.  Wave has been among the foremost experts on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group. 

Safe Harbor for Forward Looking Statements

This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company’s financing plans; (ii) trends affecting the company’s financial condition or results of operations; (iii) the company’s growth strategy and operating strategy; and (iv) the declaration and payment of dividends.  The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements.  Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company’s ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors.  Wave assumes no duty to and does not undertake to update forward-looking statements.

All brands are the property of their respective owners.

For more information please contact:

Wave Systems Corp.
Michael Wheeler