p

The Future of Endpoint Encryption

TM

Your laptops and desktops are moving targets...

Self-Encrypting Drives (SEDs): The Future of Encryption

SEDs are similar to standard hard drives, except they embed encryption into their core processor chip — making them the simplest, most secure way to encrypt endpoint data. That not only makes them impervious to software attacks, it also means they cost significantly less and greatly outperform conventional software encryption solutions. Encryption is always on, offering rock-solid certainty that data is encrypted for compliance reasons. Leading PC vendors such as Dell, HP and Lenovo offer a wide range of PC models with SEDs at little to no added cost.

Given the current status of various working groups within the TCG and the widespread support from controller suppliers, drive manufacturers, and server and storage system vendors, Gartner believes that, within five years, all HDDs and SSDs will be shipped pre-loaded with some kind of industry-standard FDE technology, just as all mobile, desktop and enterprise HDDs shipped today are pre-loaded with some kind of diagnostic software.

Each of your laptops and desktops are literally moving targets and, until they are secure against attack, your business intelligence, reputation and bottom line are at risk. Most experts agree that by encrypting data on endpoints, corporate IT organizations can prevent data loss and demonstrate compliance with data privacy regulations. The question is: Which encryption solution is right for you?

The Challenges of Encryption

In choosing an encryption solution for diverse desktops and

laptops, IT organizations have to balance:

• Cost: Total cost of ownership includes acquisition costs together with the costs of deploying and managing encryption across a mixed platform environment.

• Manageability: How difficult is it for the IT organization to manage keys and support encryption across different platforms? Does the solution offer an easy migration path as you replace aging laptops and desktops?

• Enterprise fit/ease of use: Does it work with existing equipment? Will it impede productivity or slow down important applications?

• Compliance: Can you ensure that your data will remain safe and can you easily demonstrate compliance? What kind of auditing and reporting does it provide?

Self-Encrypting Drives

Save Time and Money

SEDs reduce the cost of endpoint encryption with rapid deployment and transparent operations. Wave lowers the total cost of ownership of SEDs by simplifying and streamlining the management of these devices within the enterprise.

Managing Self-Encrypting Drives

Although SEDs eliminate any encryption deployment effort, IT needs enterprise-wide visibility and management of these devices and control over the security policies that govern them. If a user loses a password, for example, the data is unrecoverable. To put SEDs to work in the enterprise, you need policy-based management, compliance reporting, and end-user recovery.

Wave software offers centralized control of encryption on laptops and desktops. Using policy-based access control, IT can limit access to encrypted information to authorized individuals, and remotely initialize, lock and erase drives. And Wave can help you demonstrate compliance with encryption policies in the event of a security breach.

Demonstrable Compliance

Wave helps you demonstrate compliance with SOX, PCI, HIPAA/HITECH, Notice of Breach and many other Federal and State directives for data privacy by monitoring, logging and reporting on all security events related to SEDs under management.

If a computer is stolen or lost, no one else can access its data without the proper credentials. And a crypto-erase feature renders the data inaccessible by destroying the encryption key, for lost, stolen or decommissioned equipment.

Using Wave, IT organizations can demonstrate that data was encrypted in the event of a stolen laptop or security breach. In some cases, the ability to prove encryption eliminates the need to report breaches; greatly minimizing any financial losses.

pp

p

Initialize, erase, and manage security policies for encrypted drives remotely

Add and remove authorized users quickly through one central console

Accelerate user recovery in case of lost or forgotten passwords

Synchronize Windows password for single sign-on and reduce help desk calls

pp

pp

Enterprise Fit

With Wave, it’s easy to fit encryption into your enterprise data protection plan.

SEDs are standards-based technology supported by every major drive manufacturer, and included with many Dell, HP and Lenovo PC models; encryption becomes part of the endpoint platform rather than an add-on.

Wave delivers a Microsoft Management Console Snap-in for integrated enterprise management.

Encryption is completely transparent to the user, and does not affect boot time or application response times.

Encryption keys never leave the drive microprocessor, eliminating cost and complexity of key management.

Encryption for All Your Endpoint Needs

Many security experts agree that SEDs offer the most secure and best performing encryption at a cost that is substantially less than software alternatives. That means using self-encrypting drives in laptops and desktops where possible. However, because organizations often have IT infrastructure that mixes new and existing technology, Wave understands the need to protect information on removable media and existing PCs that don’t contain SEDs. And for this reason offers enterprise security management for Microsoft BitLocker®, encryption of removable storage devices like USB sticks and external hard drives and intelligent software encryption for older machines. Wave’s solutions work where you are and offer seamless migration and centralized encryption management as you refresh your laptop/desktop computers to include SEDs.

Self-Encrypting Drives

TM

Gartner believes that, within five

years, all HDDs and SSDs will be

shipped preloaded with some kind of

industry-standard FDE technology

p

...the simplest, most secure way to encrypt endpoint data.

Wave Systems Corp. 480 Pleasant Street, Lee, MA 01238 (877) 228-WAVE • fax (413) 243-0045 www.wave.com

Copyright © 2012 Wave Systems Corp. All rights reserved. Wave logo is trademark of Wave Systems Corp. All other brands are the property of their respective owners. Distributed by Wave Systems Corp. Specifications are subject to change without notice.

03-000322/version 1.01 Release date: 09-24-2012

Wave Systems is a leading provider of client and server software for hardware-based information security, enabling organizations to know who is connecting to their critical IT infrastructure, protect corporate data, and strengthen the boundaries of their networks.

For further information please visit www.wave.com or contact us at sales@wave.com.