Trusted Computing Group News October 2012  
Welcome to the Trusted Computing Group's newsletter! Stay current with TCG activities, including recent case study releases, news items and upcoming events.  
In This Issue
Comply to Connect Architect's Guide Now Available!
TCG Gearing up for RSA 2013
Marketing Work Group Records Data Security Webcast
TCG Member Companies Speak at ITSAC
Connect with Trusted Computing Group on LinkedIn
TCG Members Demonstrate Trusted Computing Solutions at Information Assurance Expo and (ISC)2 Security Congress
Industry News
Trusted Computing Resources
Featured Press Release
Upcoming Events
Comply to Connect Architect's Guide Now Available!
Comply-to-connect is a standards-based approach to managing access to corporate networks, both from within and without, on multiple devices as long as the health and state of the devices can be verified.

Risk is not a binary (yes or no) concept, nor is compliance. Comply-to-connect solutions allow an organization to set policies that define granular access to resources, and enable devices and users to demonstrate ongoing compliance with those policies.

Both commercial and open source developers have embraced technology from the Trusted Computing Group's (TCG's) Trusted Network Connect (TNC) work group to build products for continuous monitoring of device security while enabling mobility and flexibility for users. This Architect's Guide shows security architects how they can design and deploy successful multi-platform Comply-to-connect solutions based on the open TNC architecture and standards.

Access the guide here.

TCG Gearing up for RSA 2013 

Mark your calendars now for RSA 2013, Feb. 25 - March 1, 2012 at San Francisco's Moscone Center. TCG will host its popular Monday association session, Feb. 25, 10 a.m. - 2 p.m.


While we continue to polish the agenda and locate dynamic, interesting speakers who can speak to real-world security issues and trusted computing implementations, we can give you a bit of a sneak peek - watch for a top-level keynote, loads of exciting new demos and interesting panels of leading security and IT analysts, users and technologists.


In the meantime, you can register now for the expo sessions and rest of the conference at the RSA Conference website. The TCG event is offered to all expo registrations, and is free of charge.

Marketing Work Group Records Data Security Webcast
The Marketing Work Group recently recorded a new ComputerWorld webcast discussing the topic of data security in today's era of new generation mobile devices.  Speakers include Steve Hanna of Juniper networks covering BYOD (Bring Your Own Device) and how it relates with TNC Technology, Lark Allan of Wave Systems discussing MTM and TPM technology, and finally Michael Willett of Samsung on how self-encrypting drives address these new security threats.   

Keep an eye out for the release of this new webcast!
TCG Member Companies Speak at ITSAC
This year's IT Security Automation Conference (ITSAC) was held at the Baltimore Convention Center October 3-5, 2012.  TCG member companies spoke on subjects including TNC and SCAP and endpoint reporting for compliance and continuous monitoring.

Lisa Lorenzin, Juniper Networks, addressed the topic "Security Automation: Connecting Your Silos," while Chris Daley, GDC4 Systems, covered "End-to-end Trust and Security Assertions for Mobile Platforms."  In addition, Charles Schmidt of MITRE discussed SCAP and the TCG Trusted Network Connect specifications.  All of these talks were part of the conference's Security and Automation Track.

During the event, TCG announced the release of the TNC SCAP Messages for IF-M specification which can be found here.  You can also take a look at the FAQs and blog post for this specification.

In addition to these talks by TCG member companies, TCG also had a booth providing information about the organization and recruiting potential new members.
Connect with Trusted Computing Group on LinkedIn
With its focus on professionals and growing number of discussion groups, LinkedIn is a great tool for sharing information, discussing topics and how-tos, and getting feedback on the industry. Recently, Trusted Computing Group tweaked its group. The new Trusted Computing Group discussion area has been growing quickly as vendors and users find us and start discussions about the Trusted Platform Module, upcoming events, and information assurance and cyber-security.

If you are on LinkedIn already, you can search for us under "groups" and join or click here to access the page directly. If you already have found us, welcome and we will see you there!
TCG Members Demonstrate Trusted Computing Solutions at Information Assurance Expo and (ISC)2 Security Congress
A number of TCG member companies recently demonstrated trusted computing solutions at both the Information Assurance Expo (IAE) in Nashville, TN and the (ISC)2 Security Congress in Philadelphia, PA.

The IAE was held in conjunction with the Information Assurance Symposium (IAS), hosted jointly by the National Security Agency (NSA), Defense Information Systems Agency (DISA), and the United States Strategic Command (STRATCOM).  The following member companies were present:
  • Absolute showed its Secure Drive provisioning and management of self-encrypting drives (SEDs) based on TCG's specifications.
  • DMI showed how the Trusted Platform Module (TPM) and Trusted Network Connect (TNC) technologies stop remote attackers, provide visibility into network status and provide continuous enforcement of device health and security policies.
  • Juniper Networks demonstrated Comply to Connect, based on the Trusted Network Connect standards, to verify the security of endpoints connecting to the network.
  • Wave Systems demonstrated how TPMs can be provisioned to verify machine health, provide access control and enable strong authentication. Set-up, recovery, management of SEDs were also shown.
The (ISC)2 Security Congress, September 10-13, 2012 was co-located with the ASIS International 58th Annual Seminar and Exhibits.  The following member companies were present:
  • CMS Products showed the management of self-encrypting drives (SEDs) based on TCG's specifications.
  • Fraunhofer SIT and NCP showed how embedded systems can be enabled for trust, based on the TCG TPM and the IF-MAP protocol.
  • Fraunhofer SIT demonstrated security enabled via TPM-based attestation on mobile ad-hoc networks, which can be susceptible to attack vectors at multiple levels.
  • General Dynamics C4 Systems demonstrated an integrated, off-the-shelf solution for authentication and authorizing endpoints and users, based on the TCG TPM and the IF-MAP protocol.
  • Hirsch Identive showed how organizations can securely share physical access control systems information with other trusted systems and applications, using the TCG IF-MAP protocol.
  • Juniper Networks demonstrated Comply to Connect, based on the Trusted Network Connect standards, to verify the security of endpoints connecting to the network.
  • Wave Systems demonstrated how TPMs can be provisioned to verify machine health, provide access control and enable strong authentication. Set-up, recovery, management and recovery of SEDs also will be shown.
For information about upcoming TCG events visit the events page.
Industry News
Securing Data on a Moving Target: Self-Encrypting Drives Deliver Top Security, Performance and Manageability

Today's increasingly mobile work force has moved more and more end-users, devices, computing applications and highly sensitive data beyond the safety of the enterprise firewall. As the number of laptops multiplies across the enterprise, the prospect of a security breach through a lost or stolen device shifts from a speculative risk to a virtual inevitability. Such breaches can now be measured in dollar signs, as underscored by a 2009 study by the Ponemon Institute, which estimated a lost or stolen laptop can cost an enterprise $200 for every customer record stored on the device....  Read more.

Trusted Computing Solutions

Published Specifications        Developer Tools 

Network Security Solutions    Media Room

Data Protections Solutions     Membership Overview

 

Featured Press Release 

Trusted Computing Group Offers Implementation Blueprints in New Architect's Guides  

 

The Trusted Computing Group has created a new series of architect's guides to assist IT users in deploying widely available security solutions to solve common enterprise security problems. The first three guides address mobile device security, BYOD security, and comply to connect.... Read more
 

 

 Upcoming Events 


TCG Annual Members Meeting    

Oct. 16 - 18, 2012 

Vancouver, B.C. 

 

SNW Fall 2012

Oct. 16 - 19, 2012 

Santa Clara, California

 

Industrial Control Systems Joint Working Group 2012 Fall Meeting 

Oct. 18, 2012  
Denver, Colorado
     

 6th Chinese Conference on Trusted Computing and Information Security (CTCIS 2012) 

Oct. 27 - 29, 2012 

Fuzhou, Fujian, China  

 

Storage Visions 2013

Jan. 6 - 7, 2013

Las Vegas, Nevada

 

RSA Conference 2013

Feb. 25 - Mar. 1, 2013

San Francisco, California 

 

 

 

View All Upcoming Events 

Our Mission 

The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms.

 

Interested in becoming a member?
 

TCG's Network 


Follow us on Twitter   

  View our profile on LinkedIn