[FDE] New DoD encryption mandate and TPM requirements

Bryan Glancey bryan at mobilearmor.com
Thu Aug 16 15:51:55 MDT 2007 

The rest of Grimes Memo links to the DARTT (Data At Rest Tiger Team) -
which does not include Wave Sys. Therefore Wave Sys is legally barred
from Federal Government sales for the next 5 years.

The list of DARTT approved vendors can be found on
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/0
6-18-2007/0004610437&EDATE=


The included vendors from this press release are:

" Products are Mobile Armor LLC's Data Armor; Safeboot NV's Safeboot
Device Encryption; Information Security Corp.'s Secret Agent; SafeNet
Inc.'s SafeNet ProtectDrive; Encryption Solutions Inc.'s SkyLOCK
At-Rest;
SPYRUS Inc.'s Talisman/DS Data Security Suite; WinMagic Inc.'s
SecureDoc;
CREDANT Technologies Inc.'s CREDANTMobile Guardian and GuardianEdge
Technologies' GuardianEdge."

If you would like to validate the legality of GSA SmartBuy and
purchasing on or off the Blanket Purchase Agreements:

http://www.gsa.gov/Portal/gsa/ep/contentView.do?programId=8399&channelId
=-18846&ooid=22458&contentId=23207&pageTypeId=8199&contentType=GSA_BASIC
&programPage=%2Fep%2Fprogram%2FgsaBasic.jsp&P=SBUY




------------------------------------
Mobile Armor
Bryan E. Glancey
Senior Vice President & Chief Technology Officer
bryan at mobilearmor.com
400 South Woods Mill Rd.
Suite 110
Chesterfield, MO 63017
tel: 877-276-6778
fax: 877-277-7369
mobile: 314-495-2048
http://www.mobilearmor.com/
------------------------------------


-----Original Message-----
From: fde-bounces at www.xml-dev.com [mailto:fde-bounces at www.xml-dev.com]
On Behalf Of Ali, Saqib
Sent: Thursday, August 16, 2007 12:16 AM
To: FDE at www.xml-dev.com
Subject: [FDE] New DoD encryption mandate and TPM requirements

John Grimes' (DOD chief information officer) July 3rd memo is
mandating encryption for all sensitive but unclassified information on
mobile devices in compliance with FIPS 140-2.  "Mobile devices"
include laptops, PDAs, CDs, flash drives, etc.
See:
http://iase.disa.mil/policy-guidance/dod-dar-tpm-decree07-03-07.pdf

Also all new computer assets (servers, notebooks, desktops, PDAs) must
have TPM (if available). I guess this is good news for Wavesys
<http://www.wavesys.com/ >.  Wavesys is the only company that makes
enterprise grade TPM management suite that can be centrally managed.

But I think more and more FDE vendors will now start supporting TPM
for encryption key management, and trusted device management.
_______________________________________________
FDE mailing list
FDE at www.xml-dev.com
http://www.xml-dev.com/mailman/listinfo/fde

More information about the FDE mailing list