LEE, MA--(Marketwired - Apr 8, 2013) - Wave Systems Corp. (NASDAQ: [ WAVX ]), the Trusted Computing Company, is offering enhanced FIPS-mode management capabilities for enterprises seeking greater control and easier management of Microsoft® BitLocker™, the full-disk encryption feature on select versions of Vista, Windows 7 and Windows 8. FIPS refers to the [ Federal Information Processing Standard ] 140, which is required for all cryptography procured and used by the U.S. government and Department of Defense.

"BitLocker™ has become increasingly popular as a more secure means to encrypt data, but many organizations lack the expertise to fully leverage BitLocker™ and the advanced FIPS settings built in," said Brian Berger, Executive Vice President and CMO for Wave Systems. "A FIPS-compliant BitLocker™ deployment is easy with Wave; users can set policies with a click of a button, and monitor security from a single console -- dramatically simplifying the roll out in mixed OS environments by eliminating the need for specialized knowledge or costly systems."

Many government agencies, supply chain, and commercial organizations that adhere to government's regulations require that BitLocker™ be configured with FIPS enabled. Technically that means only the strongest encryption algorithms are available and some of the simpler recovery procedures cannot be used. FIPS mode is also becoming a requirement in industries with particular security or privacy concerns such as banking, automotive and healthcare.

Administration Beyond MBAM
While the security and compliance benefits of BitLocker™ are evident to a growing number of organizations -- notably within government -- the lack of a central management solution has presented a roadblock to adoption. For basic management of BitLocker™ deployments, MBAM (Microsoft® BitLocker™ Administration & Monitoring) provides a help desk and reporting interface (available to those who purchase seat licenses for Microsoft Desktop Optimization Pack). Wave management solutions go beyond help desk and reporting by giving administrators the ability to remotely manage clients, to enable or disable encryption and to check encryption status. For environments where security is paramount, Wave provides a simple interface to create a BitLocker™ startup token that can be used in conjunction with the Trusted Platform Module (TPM) to implement a split-key deployment. In such a deployment a data can only be decrypted after the user has inserted the startup token and then unlocked the TPM with a PIN.

[ Wave for BitLocker™ Management ] organizes the core Microsoft capabilities into a simple and intuitive administrative application for setting up and maintaining BitLocker™ clients. Wave eliminates the cost and complexity associated with creating custom scripts and Active Directory schema extensions and its console makes it easy to initialize, configure and administer deployment of BitLocker™ clients. Time and resource-strapped IT departments have a powerful tool for:

• Remote discovery and activation of BitLocker™ client machines
• Zero touch deployment and management of the TPM
• Assignment of users and associated policies (using existing Microsoft Active Directory frameworks)
• Secure recovery of passwords (with audit recording of their usage)
• Monitoring of all BitLocker™ events -- from activation and policy management, to user access/recovery and help desk functions.
• Security and compliance reporting -- for a secure record of proof that data was protected in the event a PC is lost or stolen.

Single Console for BitLocker™ AND Trusted Computing
BitLocker™ offers even greater protection when used in conjunction with the TPM, which ships as a standard component on business-class PCs, laptops and Windows 8 mobile tablet devices. Transparent to the user, the TPM adds hardware protection for encryption keys and recovery passwords, extending BitLocker™ security to protect data and ensure that an organization's PCs or devices have not been tampered with. On computers that have a TPM version 1.2, BitLocker™ uses the TPM to help ensure that data is accessible only if the computer's boot components appear unaltered, and the encrypted disk is located in the original computer. When using Wave, the TPM is not reserved exclusively for BitLocker™. It can also be used for device identity, machine health and hardware protected user identities. Modern malware attacks are making these security capabilities increasingly essential.

Wave for BitLocker™ Management console allows remote management of the OPAL-compliant SEDs in all your devices (OPAL-1 as well OPAL-2, standards from the [ Trusted Computing Group ]). Wave Endpoint Monitor (WEM) complements the security of BitLocker and SEDs and provides digitally signed proof of the endpoint's health. By continuously monitoring the state of the machine s, measurements generated by Wave leveraging the TPM chip, WEM is able to generate alerts if a local administrator or a piece of malicious code disables encryption, BIOS or changes to the master boot record (MBR).

To learn more about wave's simple, cost-effective government solutions, including BitLocker, TPM and SED management, visit [ www.wave.com ].

About Wave Systems
Wave Systems Corp. (NASDAQ: WAVX) reduces the complexity, cost and uncertainty of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the security capabilities built directly into endpoint computing platforms themselves. Wave has been a foremost expert on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.

Safe Harbor for Forward-Looking Statements
This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements.

All brands are the property of their respective owners.