We build security

that starts with the

device

About Wave Systems

1

Many companies claim to be ahead of the information security

curve. But for two decades, Wave Systems Corp. has actively

defined that curve.

Our technological innovation and leadership in embedded

security have steered the IT industry toward data and network

protection that is transparently simple, highly cost-effective and

virtually impossible to penetrate. With Wave as your partner, you

can guarantee the integrity of network endpoint devices using

leading-edge technology that’s already deployed across your

scattered workforce.

Wave is not just another enterprise software security firm. Our

solutions make it a pain-free task to protect all data on mobile

platforms, securely access the Cloud and allow workers to safely

log onto your network with their personal devices.

About Wave Systems

2

As more users, devices and data move beyond the traditional security

of the corporate campus, attacks on information have grown in both

diversity and sophistication. Today, the dangers range from sophisticated

Advanced Persistent Threats that can silently monitor a network, to

FireWire attacks able to bypass endpoint encryption to the all too

common lost or stolen laptop.

Meanwhile, governments around the globe are enacting laws and regulations

that require companies to publicly disclose data breaches, and often pay hefty

fines—unless the company can guarantee its data is safe and cannot be misused

by unauthorized persons.

The traditional defense of hiding information behind a wall of software is

clearly inadequate to these challenges. And it will become even less effective

as enterprises increasingly rely on mobile platforms, Cloud computing and

personal devices used for work.

Fortunately, the industry needn’t invent some futuristic new solution to defend

this infinitely expanding frontier. The future is right here, right now. It is already

revolutionizing the strength, reach and simplicity of information security today.

…And Wave Systems is the leading provider.

THE Information Security Landscape

3

Embedded information security

Wave’s leading-edge solutions build on a very simple principle:

Security starts with the device.

Far from being radically new or unproven, embedded security already prevents

fraudulent use of cell phone and cable networks, Xbox LIVE and iTunes. All make

an endpoint device the cornerstone of network security.

No device; no access. It’s that simple.

Imagine if you could…

� Turn your endpoint devices themselves into security tokens

� Use a single password to access your corporate network and all

of your Cloud-based services

� Monitor endpoint health in real-time to counter malware attacks

� Save time and money while guaranteeing compliance

� Allow employees to safely use their personal devices for work

� Be confident that your investment in endpoint protection today

can address the unknown security needs of tomorrow

Only embedded security can enable this vision for your data network, and its

hardware elements are already onboard over 500 million PCs today, or available

for a nominal fee as an option on new devices. The final piece is available from

Wave Systems, which is the most comprehensive source for solutions that

let you activate and take advantage of the embedded security you probably

already own.

Security starts with the device.

4

The Three Elements of Embedded Security

A decade ago, leading hardware, software and security vendors recognized the perimeter of the

corporate network was quickly vanishing, and that hiding endpoint data behind a wall of software no

longer provided adequate protection. In response, they formed the Trusted Computing Group (TCG),

whose charter members included the likes of Dell, IBM, Intel, Microsoft and Wave Systems. The TCG’s aim

was to develop international vendor-neutral, peer-vetted and interoperable standards that would enable

a new generation of information security built on three elements:

1. Self-Encrypting Drives (SEDs): The future of encryption, SEDs are available today as an

inexpensive option from leading PC vendors. SEDs are similar to standard hard drives,

except they embed encryption into their core processor chip. That not only makes them

impervious to software attacks, it also means they cost significantly less and greatly

outperform conventional software encryption solutions.

2. Trusted Platform Modules (TPMs): The foundation for device identity and health, TPMs

are cryptographic security chips included in virtually every business class PC today. Think

of them as built-in tokens—without the costs associated with purchasing, deploying or

replacing them. TPMs provide a persistent and unique identity for each endpoint on your

network. In addition, they can protect user access to your network and cloud services. Plus,

TPMs enable centralized monitoring of endpoint health by ensuring, for example, that an

endpoint’s BIOS is free of malware.

3. Central Security Management: The third and most important element, enterprise

management, enables centralized administration of embedded security on all mobile

endpoints. Available only from Wave, it enables remote activation, monitoring and

management of all SEDs and TPMs across your distributed organization. Plus, it restores

real-time, policy-based security controls and proof of compliance on your network’s

furthest endpoints.

The future of information security is right here right now, and Wave Systems is your most trusted provider.

3

5

Wave offers more than just another piecemeal defense against endpoint

data loss and network breaches. It provides everything you need to

prove your data is protected, and to know what devices are attached to

your network and Cloud services.

Deter unauthorized users, devices and malware

With the lion’s share of corporate data residing on network endpoints, you have

a lot of territory to defend. Yet, it is surprisingly easy to breach sensitive data by

simply connecting a memory stick to a corporate laptop, or to bridge private

internal networks via a WiFi or 3G modem connection. Only embedded security

from Wave Systems lets you actively defend data on every endpoint and every

device over every interface across your organization.

Specifically, Wave allows you to:

� Stop data leakage through physical ports, wireless interfaces and

removable media

� Detect and restrict devices by type, model or unique serial

number, or control WiFi access by MAC address, SSID or the

security level of the network

� Inspect, classify and block data leakage via email, instant

messaging, websites, external storage devices, printers and more

� Control the transfer of files both to and from external storage

devices according to file type

� Detect and block both USB and PS/2 hardware keyloggers

Defend data

Your network’s mobile endpoints are literally moving targets and, until they are

secure against attack, your business intelligence, reputation and bottom line are

at risk. Most experts agree that encryption is essential to protecting data at the

endpoint. The question is: Which encryption solution is right for you?

GARTNER

BELIEVES THAT

BY 2015 ALL DISK

DRIVES WILL SHIP

PRE-LOADED WITH

SOME INDUSTRY-

STANDARD FDE

TECHNOLOGY,

LIKE SELF-

ENCRYPTING

DRIVES.

THE FUTURE OF INFORMATION SECURITY IS RIGHT HERE RIGHT NOW, AND

WAVE SYSTEMS IS YOUR MOST TRUSTED PROVIDER.

CAPABILITIES

6

Wave offers a range of solutions, whether you need to protect data-in-motion,

secure endpoint data or manage full-disk encryption platforms across your

organization.

� Self-Encrypting Drives (SEDs): The future of encryption is

available today as an inexpensive option from leading PC

vendors, and Wave provides the industry’s most comprehensive

management solution. Wave is the only solution that delivers

drive initialization, user management, drive locking, user

recovery and crypto erase for all Opal-based, proprietary and

solid-state SEDs.

� Microsoft BitLocker®: Wave provides automated turn-key

management for Microsoft BitLocker encryption, which is

suitable for organizations that have not yet phased SEDs into

their computers and who are migrating to Win7 that have

Microsoft Enterprise Agreements or Software Assurance for

Volume Licensing.

� Software Encryption: In cases where SEDs are not an option,

Wave offers its award-winning Safend Encryptor software, which

automatically encrypts all data files without any negative effect

on system performance.

� Removable Media Encryption: With Wave, you can easily

encrypt data-in-motion on removable storage devices, external

hard drives and CD/DVDs.

Detect emerging threats

Wave lets you ensure that only the devices you trust are attached to your

networks and services. Our solutions tell you what’s happening with your

security as it’s happening, and enables you to prove your data is safe at all times.

� Guarantee only known devices gain access to your networks

and services

� Spot Advanced Persistent Threats by detecting unauthorized

changes to the pre-boot environment, as your systems power on

� Know who is connecting what devices to each and every port on

each and every endpoint

� Locate, classify and map sensitive data stored on network endpoints

CAPABILITIES

“YOU MAY FIND YOUR

ORGANIZATION IS IN A

SIMILAR SITUATION TO

PWC, WHICH MAY LEAD YOU

TO USE TPM FOR STRONG

AUTHENTICATION.”

KARL WAGNER, PWC

DIRCTOR, GLOBAL IT

7

8

Wave EMBASSY® Remote Administration Server (ERAS)Wave ERAS provides all the tools you need to remotely search for, initialize, configure and administer a global fleet of computers equipped with self-encrypting drives (SEDs) and Trusted Platform Modules (TPMs). With ERAS, you can centrally provision security policies to end-points across your organization, limit access of encrypted information to authorized individuals and remotely manage user and device credentials. Most importantly, ERAS grants an authority of proof, allowing organizations to demonstrate that they were, and are, compliant with regulations in the wake of a security breach.

Wave for BitLocker® ManagementWave for BitLocker Management provides a turn-key solution for intuitive, centralized management of Microsoft BitLocker encryption across your organization. Set policies, with a click of a button, and monitor your security from a single console—dramatically simplifying your deployment by eliminating the need for specialized knowledge or costly systems.

Wave CloudWave Cloud is scalable, yet a powerful software-as-a-service solution for data protection. Deployed quickly and managed efficiently, it allows organizations to centrally enforce strong data encryption policies on laptops across the enterprise—but without the complexity and cost associated with an on-premise solution. Wave Cloud is the only Cloud-based service that lets you manage SEDs.

Wave Endpoint MonitorWave Endpoint Monitor (WEM) is the industry’s first embedded solution for detecting Advanced Persistent Threats that install malware within a computer’s pre-boot environment. Such attacks can allow hackers to silently monitor a user’s keystrokes, invade networked machines, or upload sensitive data—all while remaining invisible to both the user and the computer’s anti-virus security defenses. WEM counters such threats by leveraging the TPM to scan a system’s pre-boot environment for anomalous behaviors. If it detects such anomalies, WEM immediately alerts IT authorities with real-time analytics.

PRODUCTS

9

Safend ProtectorSafend Protector defends your organization from the risks associated with endpoint data leakage. It enforces encryption of all data transferred to removable storage devices, and grants control over every physical and wireless port across your organization. Now you can intelligently allow, block or restrict the usage of any or all computer ports across your company according to the computer on which they are located, the user who is logged in and/or the type of port. Plus, Safend Protector can detect and selectively restrict devices by device type, model and even by specific device serial number.

Safend EncryptorSafend Encryptor automatically encrypts all data files, while avoiding encryption of the operating system and program files. This innovative concept minimizes the risk of operating system failure, and has a negligible impact on system performance—seamlessly protecting your data, without changing any of your existing end-user or helpdesk workflows.

Safend InspectorSafend Inspector prevents data leakage from common data transfer methods. It enforces data-centric security policies across multiple channels, including email, web (HTTP, HTTPS), FTP, external storage devices, CD/DVD burners, PDA devices and printers—all without disrupting legitimate business processes or impacting end-user productivity.

Safend DiscovererSafend Discoverer maps and locates sensitive data stored on network endpoints and shares. Running in the background with minimal system impact, it saves valuable time by expertly mapping data to disclose unsecured information and at-risk business processes. Armed with this information, administrators can dramatically improve security before a breach occurs.

PRODUCTS

10

Leading device and software vendors, government cyber-security officials and independent industry analysts all agree: Embedded security is the future. But it was Wave Systems that blazed the trail for the technology. Today, we are the industry’s most experienced partner and its most comprehensive source for embedded security management platforms. A few credits we’ve earned:

1. Wave pioneered the industry’s first enterprise-level embedded security solutions, and currently supports the world’s largest deployments in Financial, Healthcare and Government. Our client list includes one of Detroit’s Big 3 Automakers, as well as market leaders like BASF and Pricewaterhouse Coopers.

2. Wave was a founding board member of the Trusted Computing Group, where it helped define international open standards for Trusted Platform Modules and Self-Encrypting Drives.

3. Wave is a lead contributor of federal guidelines for embedded security, such as NIST Special Publication 800-155 which establishes standards for using TPMs to counter Advanced Persistent Threats.

4. Wave is a top innovator, with an intellectual property portfolio comprising 16 patents on embedded security, with 35 more on file.

The Leader in Embedded Security Management

Leading device and software vendors, government cyber-

security officials and independent industry analysts all

agree: Embedded security is the future. But it was Wave

Systems that blazed the trail for the technology. Today, we

are the industry’s most experienced partner and its most

comprehensive source for embedded security solutions. A

few credits we’ve earned:

1. Wave pioneered the industry’s first enterprise-level embedded security solutions, and currently supports the world’s largest deployments. Our client list includes one of Detroit’s Big 3 Automakers, as well as market leaders like BASF and Pricewaterhouse Coopers.

2. Wave was a founding board member of the Trusted Computing Group, where it helped define international open standards for Trusted Platform Modules and Self-Encrypting Drives.

3. Wave is a lead contributor of federal guidelines for embedded security, such as NIST Special Publication 800-155 which establishes standards for using TPMs to counter Advanced Persistent Threats.

4. Wave is an embedded security innovator, with an intellectual property portfolio comprising 16 issued patents and 35 more on file.

The Leader in Embedded Security Management

11

The Future

As the corporate perimeter continues to vanish, Elvis isn’t the

only one leaving the building. Your mobile workforce is almost

certainly growing. As it does, your people will expect the flexibility

of an office without walls to meet the growing demands of their

professional and personal lives. With that expectation there

will come increasing demands for anytime anywhere access to

information. If they haven’t already, expect people to start asking

questions about using their personal computers, smart phones

and tablet devices for work.

Meanwhile, there’s the Cloud, which promises to deliver your

people timely access to email, sales contacts, and benefits

anywhere in the world. But for you, that promise will feel like

pressure—pressure to eliminate complex network connections, and

let data be available on-demand. But delivering on that promise

doesn’t let you off the hook for protecting information security.

Your network endpoints may still be multiplying. Advanced

Persistent Threats (APTs) may still be evolving. Yet, you’re still

accountable for ensuring the safety of all the critical business

information and trade secrets that your organization is storing,

accessing and sharing… Out there.

Your users and applications have left the building. There’s already

a billion devices out there and counting. Where will you draw the

line of defense that will protect your business and your brand?

Arm your devices!

12 Copyright © 2012 Wave Systems Corp. All rights reserved. Wave logo is trademark of Wave Systems Corp. All other brands are the property of their respective owners. Distributed by Wave Systems Corp. Specifications are subject to change without notice.

03-000313/version 1.00 Release date: 02-24-2012

Wave Systems EMEACentral/Eastern EuropeDarmstaedterLandstrasse 87-89,D-60598Frankfurt, Germany+49 69 959 32 393emea@wave.com

Wave Systems EMEANorthern Europe47 Belgrave SquareLondon SW1X 8QR, UK+44 1235 520956 emea@wave.com

Wave Systems EMEASouthern Europe,Africa & Middle East24 ter, rue Abbé Larose 44190 Gorges, France +33 2 28 07 42 01 emea@wave.com

Safend Ltd.Middle East32 Habarzel StreetTel Aviv 69710, Israel Tel: +972 3 6442662 Fax: +972 3 6486146 emea@wave.com

13

Becausethe IT perimeter has vanished,security must start with the device.

Wave Systems Corp.480 Pleasant StreetLee, MA 01238toll free: (877) 228-WAVEtel: (413) 243-1600fax: (413) 243-0045www.wave.com