Trend Micro Data-at-Rest Solution SecureDoc Solution Presentation Derek Tsang Michael Desjardins Steven Pomerenk October 12, 2010

Copyright Trend Micro Inc. Agenda Differentiate your State Vendors Evaluation Criteria Considered SecureDoc Overview Ready or Not – here comes new technology Questions & Answers

Copyright Trend Micro Inc. Data Security – Be very careful Security – best of breed is a must One stop – all in one suite shopping has never worked –Security is not a haphazard adventure – get it right the first time Antivirus vendor vs. FDE Vendor –Switching AV is easier than switching FDE Be very careful of your vendors –M&A activity is very distracting for 2 years FDE is the only thing we do –Multiple GSA schedules, BPA’s 3

Copyright Trend Micro Inc. Biggest differentiator One integrated DAR solution –Configuration/deploy/manage of PC Mac Linux clients alike –Management and support of SEDs and normal drives –Encryption of removable media USB, cd dvd thumb drives –Password recovery tools –Self help hint challenge Enterprise class key management The key is to manage your encryption keys “keys”use cases :cd,dvd, external drive thumb drives »lost or stolen »Internal – productivity / security has been an inverse relationship »Do not sacrifice security internally 4

Copyright Trend Micro Inc. Biggest differentiator(cont’d) Enabling your IT security governance policies Password rules Policies on USB usage Data logs for auditing client, server (sync’d) (HIPAA, HITECH) Deployments – we deploy more easily using your existing push tools (.msi and.exe) (other Gov't agencies 1500 in one week with no help desk calls Reduced calls to help desk – total transparency to end user (totally seamless with SSO and custom PBA screen) 5

Copyright Trend Micro Inc. Gartner MQ Client Inquiries Data Leakage Stability and Performance Encryption offered as a managed service EPP Package Deals. Government security certifications: o FIPS is the current standard o CC certification is a true international moniker Hardware sub systems: o TCG, TPM, Intel AT Key management, storage and destruction methods

Copyright Trend Micro Inc. Gartner MQ on WinMagic Strengths WinMagic invests heavily in R&D. For example a recent development involves enhanced integration with Intel AT that will help to process PC lock commands through the motherboard in real time to control boot access and to wipe storage drives. WinMagic has the following FIPS and CC certifications: FIPS Level 2 and CC EAL4. It was included in the GSA's SmartBuy award. Platform support is provided for Windows 2000 through 64-bit Windows 7, Mac OSX and Linux. Embedded system support includes Seagate encrypting drives, TCG encrypting drives, TPM, and Intel AT.

Copyright Trend Micro Inc. Evaluation Criteria Enterprise Class Management Automatic, central policy management Consolidated management of Security information and Events Enterprise Key Management & Escrow, on demand key provisioning Seamless sharing of encrypted information Standards based Cryptography Multi-Platform support: Mac, PC, LINUX World Class Support North American support

Copyright Trend Micro Inc. Evaluation Criteria User Transparency Secure pre-boot authentication with support for your current and future business process (HIPPA & HITECH BREACH LAW)  Tokens  Smartcards  Future: Biometrics, Proximity Productivity  Single sign on  Self help password recovery Support for Self Encrypting Hardware technology  Distribution and Management tools to work with Seagate and OPAL drives Interoperability  Disk imaging tools  Works with Any Anti-virus software, disk utilities and data recovery tools

Copyright Trend Micro Inc. Transparent Access to Encrypted Network Files and Folders

Copyright Trend Micro Inc. Certifications SecureDoc has been accredited by:  The National Security Agency (NSA) (SECRET level)  Federal Information Processing Standards (FIPS) Level 1 and Level 2  Common Criteria EAL Level 4  National Institute of Standards and Technology (NIST) Certificate #1  Canadian Communications Security Establishment  BITS  US Federal DARTT initiative – 2 BPAs

Copyright Trend Micro Inc. SecureDoc Architecture WindowsMac / EFILinux Passwords Tokens Smartcards Biometrics PKI TPM FDE Data Leak Protection RME FFE Call Home Port Control Antivirus Interface API 3 rd Party Management Applications SecureDoc Centralized Management SecureDoc Client Software Seagate FDE New Crypto Devices API Intel AT New Devices Self Encrypting Removable Drives OPAL Corporate LAN, Internet, 3G Authentication Peripherals

Copyright Trend Micro Inc. Technology Partnerships 80+ technology partners: greatest breadth and depth

Copyright Trend Micro Inc. Enterprise-Class Management Automatic synchronization of user / group profiles with Active Directory or other LDAP services Consistent, auditable enforcement of security policies and user access privileges ‘Silent’ software deployment and initialization Local and Remote Password recovery tools and self help capability Unique key labeling so that keys encrypted archives can always be restored Auditing capabilities Accommodates millions of disk sectors, files and folders

Copyright Trend Micro Inc. Comprehensive Data Protection Strong encryption for hard drives and removable media Single or multi-factor user authentication at pre-boot Password, USB token, PKI, smartcard, biometrics and/or TPM Only DARTT-approved vendor to employ TPM at pre-boot File and Folder Encryption - Manual and Automatic Central configuration and management of user / group profiles Central assignment of user access privileges ‘Silent’ software deployment and initialization Use “push” technologies like SMS Supports.msi or.exe files Management of multiple encryption schemas

Copyright Trend Micro Inc. New Technologies New Technologies Intel® Anti Theft Technology What is it? o Hardware based security building blocks to protect your PC when it is lost or stolen How does it work? o PC is disabled via poison pill over the internet o Local intelligence on PC detects theft and triggers action o PC remains disabled even if OS is re-installed or BIOS is re- flashed o PC can be easily reactivated via a local password or server- generated code Intel AT helps deter laptop theft and protect data

Copyright Trend Micro Inc. Key Benefits –HW-based capabilities improve asset and data security and offer higher tamper-resistance –As the PC becomes inoperable and access to encrypted data (with data encryption software) disabled, Intel AT-enabled solutions can be a deterrent for thieves –When returned, the PC can be easily reactivated without any loss of data or damage to PC Use Cases –System locks after excessive failed login attempts –System locks after failure to check in with management server –User reports loss or theft and IT sends remote disable “Poison Pill” SecureDoc management of Intel Anti-Theft Technology

Copyright Trend Micro Inc. New Technologies New Technologies OPAL and Seagate Partnering to provide next-generation security and security management for portable data-at-risk ‘Raising the bar’ for data security, user transparency and ease- of-administration Supporting Opal drives from Hitachi, Fujitsu, Toshiba, Samsung

Copyright Trend Micro Inc. SecureDoc Clients SecureDoc is becoming the de-facto standard for security- conscious organizations around the world.

Copyright Trend Micro Inc. Questions and Answers Thank You !! Q & A