Wave Systems this week rolled out an upgrade to its PC-based encryption and authentication software that adds a way for customers to remotely manage security policy and receive copies of user-generated keys as a corporate backup.
Embassy Trust Suite 5.0 provides Microsoft Office file and folder encryption and digital signing on any PC running the Trusted Computing Group’s Trusted Platform Module (TPM). The latest version of Wave Systems’ encryption software, which competes against similar offerings from IBM and others, adds a server component that lets IT managers set policy and store copies of user keys on Microsoft’s Active Directory.
“When any user creates a key, an encrypted copy of that private key is sent to the centralized server,” says Steven Sprague, Wave Systems CEO.
The software also includes a way security managers could set a policy requiring use of biometric sensors, such as fingerprint scanners, on a machine to unlock a store of keys that are held on the TPM hardware.
With the product, separate policies could be established for different corporate divisions, such as finance or human resources, so that access to private keys through passwords or smart cards might be required. Sprague said computer manufacturers, including Lenovo (IBM) and Dell, have shipped millions of PCs with TPM modules in them.
Restaurant chain Papa Gino’s, of Dedham, Mass., says it considers data encryption so important in security that it is making use of TPM mandatory with new laptops and PCs purchased by the firm.
“We now use TPM with 65 out of our 1,500 laptops and PCs, and we’re migrating to it with new purchases,” says Chris Cahalin, network manager with the 400-restaurant chain operating throughout New England.
Cahalin says his firm’s research and testing of desktop encryption software to use the encryption capabilities of TPM convinced him that Wave Systems’ software worked well across vendor boundaries, whether it was Dell, HP or IBM PCs.
The feature for storing copies of user encryption keys was critical. “You can’t operate in an enterprise environment with this backup,” he notes. He says TPM ships with most PCs today without additional cost, but IT managers might not be aware of the security benefits TPM offers.
Embassy Trust Suite 5.0, available next week, starts at US$50 per seat.