Data Protection Fde Solution Presentation
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
2,014
On Slideshare
2,013
From Embeds
1
Number of Embeds
1

Actions

Shares
Downloads
10
Comments
0
Likes
0

Embeds 1

http://www.linkedin.com 1

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • Where the buck stops on a lot of these threats is at the CEO’s desk. There are four key things to consider: The first is Regulatory compliance— It has become a mandate, whether you want to do it or not. Second is the Safekeeping of customer data —This is critical, particularly in the case of any organization that talks to individual customers. Examples are credit card companies or government agencies. There are numerous organizations where losing a pile of data could expose the personal information of thousands or even millions of customers, putting those individuals at risk of identity theft. CEOs also have to worry about abiding by their organization’s own Internal Security Policies —many times this is the fundamental check and balance against maintaining compliance to external regulations. And last is Protecting Corporate Intellectual Property which is simply a fundamental requirement of the job.
  • So if it is so obvious that organizations need to encrypt, why are people not doing it. In 2005, Ponemon did a study and found that 5 to 10% of laptops were not being encrypted at all. When asked why, there were 3 primary reasons. The first is System Performance - most full disk encryption software hits the hard drive and CPU pretty hard. Every time a bit has to get written back and forth to the drive, the CPU has to spend cycles there to crypt and decrypt . As applications and OS’s have gotten more complex the hard drives get hit a lot and that can slow system performance to a crawl. The second is Complexity – installation can be a complex and lengthy process. Turning on a full disk encryption software package can take many hours as it goes through existing data and encrypts every bit back and forth to the drive. Maintaining these systems can be time consuming as well. And last is Cost - encryption is not free, it costs something to do this. And much more than the modest cost of the software, is the cost of maintaining it. It’s the IT person having to touch every machine – every time something has to be changed; or every time you install an application that doesn’t play nice with the encryption software; or when an employee loses their password, or leaves the organization and they have to re-permission the machine
  • So what is the Dell data security solution for mobile users? Dell listened to its customers, from C-level Executives to End Users, partnered with IT industry leaders (Seagate and Wave systems) and created a comprehensive, hardware-based, data security solution. First box : We start with our Award-winning Latitude notebooks and Precision workstations. Second box: Then add the Seagate Momentus full disk encryption hard drive as a factory installed option and bundle it with Wave’s Embassy Trust Suite Trusted Drive Manager software to locally manage the encrypted drive. Third box: By adding Wave’s Embassy Remote Administration Server software, this enables remote deployment, lifecycle management, and automated compliance/reporting. Fourth box : And finally, when combined with Dell’s security best practices such as BIOS settings, Anti-virus software, utilization of multi-factor authentication solutions…. Fifth box: Dell has delivered The World’s Most Secure Commercial Notebook!
  • The Seagate Momentus 5400 FDE.2 hard drive is hardware based data protection device that prevents unauthorized access to data on a lost or stolen notebook – You could also say that it is protection for data at rest. The drive is available today from Dell in capacities up 120GB A few of the features provided by Seagate’s DriveTrust technology include: Full disk encryption , the drive employs the government standard of encryption algorithms (AES 128 bit) Pre-boot authentication , the OS will boot in a protected storage partition until the user successfully authenticates, only then will the drive unlock, and the system will boot normally to the Windows OS Quick erase , the administrator can simply delete the user’s hard drive password, thereby rendering all of the data on the hard drive inaccessible.
  • With your “Trusted Drive” solution out of the box your bring your customers strong pre-boot access control and a simple user interface. This makes things easier for the end user and the administrator – and this is what they have been looking for. You give them advanced administrative controls from a centralized remote management console and the ability to view logs so that they can prove that these systems conform to auditing and compliance requirements.
  • The Trusted Drive Manager is the basic client application that allows you to perform the basic utility functions to integrate the FDE drive into your daily workflow. When you initially boot the encrypted hard drive, the notebook will see it as a normal SATA drive. The Trusted Drive Manager enables the DriveTrust features, such as: Adding users Deleting users Unlocking the drive Setting Security Policies Set up for Pre-boot Authentication; which most users will utilize for additional security And it provides the hooks required to talk to the backend management software provided in the form of Wave’s Embassy Remote Administration Server
  • This overview was to provide you with a high-level understanding of a great way to position your full disk encryption options with your customer. These slides come from a more in-depth Dell overview on the same information. Today, we stressed the merits of hardware-based FDE and the management software your customer will need to activate the advanced security functions for their corporation. At Dell, the concept is that Seagate’s FDE drives are a “seismic shift” in the data protection landscape. Here at Wave we will continue to support your getting the message out ASAP. This is a win-win situation. If you’d like more information on the topic, please feel free to download Wave’s white paper “Protecting Your Business from Costly Data Theft” and the “Trusted Drive Manager Walkthrough Guide” offering you step-by-step instructions on implementing the TDM software for your Seagate FDE drives. These can be found on wave.com in the solutions section on the upper left hand side of the home page. For local sales and technical support in the Scandinavian Region, please call Bruno Chatellier, Wave’s RSM at +33674407099. Email bchatellier@wavesys-emea.com

Transcript

  • 1. Dell Security Webinar Featuring Seagate FDE Drives                                    
  • 2. The WORLD’S MOST SECURE NOTEBOOK Perfect Solution for lost and stolen PC
      • Dell offers exceptional encryption solutions to protect against internal and external threats with an industry-first combination of:
        • Dell Latitude and Precision
        • Seagate Hardware Encryption HDD
        • Wave Systems Management Solution
  • 3. Information Security Broad set of information security challenges
    • Safekeeping of customer data
      • Loss of data could expose personal information of thousands, or even millions, of customers, placing them at risk for identity theft
    • Protecting corporate intellectual property
      • Fundamental requirement of management’s job
    • Maintaining regulatory compliance
      • Compliance is a mandate, whether you want to do it or not
    • Ensuring internal security policies
      • Organizational check and balance against maintaining compliance
  • 4. There is no such thing as bad publicity !
    •   “ British retailers ordered to encrypt all laptop hard drives”
    • “ Doctors to face steep fines £5,000+ if they compromise patients personal information”
    • “ Directive issued to encrypt laptops leaving Whitehall containing personal data”
    • “ Leading building society find almost £1M by FSA over lost laptop”
  • 5. Why Don’t Organizations Encrypt today?
    • The primary reasons cited for not encrypting sensitive or confidential information according to the survey:
    * Ponemon Institute’s 2005 National Encryption Survey System Performance Complexity Cost 69% 44% 25%
  • 6. Dell Data Security Solution For Mobile Users Wave Embassy Remote Administration Server Dell Latitude D531, D630, D631, D830, E4300, E5400, E5500, E6400, E6400 ATG and E6500 Dell Precision M2300, M2400, M4300, M4400, M6300 and M6400 Seagate Momentus 5400 FDE.2 HDD Wave Client Trusted Drive Manager
  • 7. Seagate Momentus 5400 FDE.2 Solution for lost and stolen notebooks
    • Industry Leading Storage
    • 80, 120 or 160 GB
    • 5400 & 7200 RPM
    • 2.5-inch form factor
    • SATA
    • DriveTrust ™ Technology
    • Hardware encryption – AES 128 bit
    • Integrated access control
    • Protected storage partitions
    • Momentus 5400 FDE.2 Drive
    • “ Always-On” encryption
    • High performance encryption
    • Strong hardware security
    • Instant Cryptographic Erase
    • +
    • =
  • 8. Trusted Drive operating in ATA Mode Default mode when embedded Security is Un-initialized Drive Controller Encryption Data Encrypted In ATA mode the encryption key has no access control Boot Block ATA Mode Operation When drive security is not enabled the drive functions as a normal ATA drive. At power-up the drive executes the code in the boot block and then execute normal windows boot-up from the drive.
  • 9. Wave Software: Initialization of Trusted Drive embedded security All these steps can be remotely managed from a Domain console with the Embassy Remote Administration Server . Drive Controller Authentication Encryption Data Encrypted Provision pre-boot Enroll Users / Admin
  • 10. TDM: Pre-boot authentication process © 2007 Wave Systems Corp. Confidential. All Rights Reserved. UNDER CONSTRUCTION Drive Controller Authentication Boot Clr TXT Crdtl Crdtl Encrptd Encryption Data Encrypted
  • 11. Hardware vs. Software Encryption DELL CONFIDENTIAL INTERNAL ONLY Dell Hard Drive Encryption Software Encryption Computer Memory Resources Consumption No Yes CPU Cycles Consumption No Yes Encryption Key Access No Yes Encryption Key Generation Risk No Yes Turn Off Possibility No Yes Decryption need for OS Maintenance No Sometimes IT Deployement and Management Easy Moderate to Difficult Secure and instant Erase Yes No Recovery password Yes Sometimes Windows Password Synchronization Yes Sometimes Compliance Certification NSA approved FIPS 140-2 Remote Management Yes Yes Specific Drive need Yes No Non-Microsoft OS support No Sometimes
  • 12. The Trusted Drive Solution Seagate ® DriveTrust ™ Technology
    • Strong pre-boot access control
    • Simple user interface
    • Advanced administrative controls
    • Centralized remote management
    • Activity logs for auditing and compliance validation
    • FDE recovery password system
    FDE DRIVE Embassy ® Trusted Drive Manager Embassy ® Remote Administration Server ENTERPRISE NETWORK
  • 13. EMBASSY Trusted Drive Manager
    • Initialize DriveTrust functions
      • Add user
      • Delete user
      • Unlock drive
    • Security Policy Management
      • Lock enable/disable
      • Instant cryptographic erase
      • Backup/recovery passwords
      • Reset drive
      • Windows Password Synchro
      • Single Sign-On
      • Remember Last User
    • Pre-boot authentication
    • Compatible with Embassy Remote Administration Server
  • 14. Dell FDE Remote Management Server
    • Wave Embassy Remote Administration Server (ERAS)
      • FDE remote management
        • FDE Drive Initialization
          • Add/delete user credentials
        • Lock enable/disable
        • Instant cryptographic erase
        • Recovery Password
        • Windows Password Synchronization
        • Single Sign-On
        • Remember Last User
        • Conformance checking / logging
      • TPM remote management
      • Needs Windows Server 2003 with Active Directory and MSQL 2005
  • 15. Are you interested in the Dell FDE Solution?
    • Do you need to protect data on laptop computers?
    • Do you need to encrypt your laptops HD to be compatible with your enterprise security policies ?
    • Are you running Microsoft® Windows XP or Vista ?
    • Do you plan to purchase new laptops in the near term?
    • Are you concerned about system performance impact and installation overhead (time & resources)?
    • Did you already have problems using SW encryption solutions?
    • Would you be interested to be able to certify* that all hard drive data is encrypted either for compliance or corporate policy reasons?
      • *Note: requires Wave Embassy Remote Administration Server software
    © 2007 Wave Systems Corp. Confidential. All Rights Reserved.
  • 16. How do you get it? Use your Dell contact
    • Dell notebooks, with Seagate FDE drives and Wave’s EMBASSY Trusted Drive Manager, are currently available on Dell Latitude and Mobile Precision
    • The ERAS Server is available today from your Dell account team
    • Call your Dell sales representative to express your interest in having FDE drives and Wave management software
    • Ask for the Dell FDE evaluation
  • 17.
    • Adaptasoft (Payroll software solutions)
      • “ As providers of software and services for payroll providers, we understand the importance of keeping client and employee information secure. We evaluated data protection solutions from other vendors, but early on we were sold on the inherent advantages of hardware based encryption for our mobile data. That’s why the clear choice was Wave—their product was in a class above all others ,” noted David Virkler, Chief Information Officer at AdaptaSoft Inc. “ All of our future laptops will include Wave’s software, FDE hard drives from Seagate.  With Wave’s EMBASSY Remote Administration Server, we’ve been able to manage Seagate’s drives . We chose Wave because they had the enterprise infrastructure in mind when they designed their solution, thus enabling a low-touch, fully functional, data protection solution.”
    Customer References © 2008 Wave Systems Corp. Confidential. All Rights Reserved.
  • 18. Customer References
    • CBI (Canadian Back Institute)
      • “ As one of the largest healthcare services and management providers in all of Canada, with more than 2,300 clinical and support providers on staff, it’s our obligation to safeguard our patients’ information and take proactive measures to mitigate the risk of data breach.    Wave offers a technically progressive solution that was compelling when compared to the other market offerings.” said Ken Waring, Director of IT at CBI Health. “ We chose Wave because of its   ease of use,   low total cost of ownership and their strategic relationship with Dell. ”
    •   CBI was an acquisition account and selected Dell primarily due to the Wave solution being shipped as standard . This solution is now part of the standards within CBI for all future buys.
    •  
    © 2008 Wave Systems Corp. Confidential. All Rights Reserved.
  • 19. Wave Enterprise Customers
  • 20. Information Resources
    • Data Protection white paper
    • TDM and ERAS walkthrough guide
    • Visit us online:
      • www.dell.com /security
      • www.wave.com /products
      • www.seagate.com
  • 21. THANK YOU ! Stanley Mtshali [email_address] South Africa Rep (Agent) Wave Systems Corp +27 78 861 33 88