Press Release

Leading Organizations Unveil New Interoperability Specification for Encryption Key Management to Aid IT Security, Compliance and Data Recovery

The Security Division of EMC, Seagate and Thales (formerly nCipher) today announced the creation of a jointly developed specification for enterprise key management that is engineered to dramatically simplify how companies encrypt and safeguard information. The companies -- leaders in enterprise computing, storage, and security -- developed the Key Management Interoperability Protocol (KMIP) in response to customers’ needs to enable the widespread use of encryption. The companies intend to submit KMIP to OASIS (Organization for the Advancement of Structured Information Standards) for advancement through the organization’s open standards process.

LONDON, Feb. 12, 2009 - 

Brocade, HP, IBM, LSI, RSA - The Security Division of EMC, Seagate and Thales (formerly nCipher) today announced the creation of a jointly developed specification for enterprise key management that is engineered to dramatically simplify how companies encrypt and safeguard information. The companies -- leaders in enterprise computing, storage, and security -- developed the Key Management Interoperability Protocol (KMIP) in response to customers' needs to enable the widespread use of encryption. The companies intend to submit KMIP to OASIS (Organization for the Advancement of Structured Information Standards) for advancement through the organization's open standards process.

KMIP was developed by HP, IBM, RSA and Thales to meet the compelling needs of today's enterprise data center environments, with Brocade, LSI and Seagate joining the effort. All seven companies will now be devoting time and resources to OASIS for ongoing development.

According to IDC , 44 percent of enterprises plan to encrypt more than 75 percent of their data by 2009, and one of the top two issues related to deploying encryption is the ability to recover the data .

"The use of encryption is widely recognized as the best method for protecting valuable information and enabling compliance with industry and government regulations, "says Charles Kolodgy, research director at IDC. "Time and time again, our research shows the primary barrier to the widespread use of encryption is the fear that encrypted data will be lost - slowing the adoption of encryption. Users are demanding strong key management systems and advancing this work through the open standards process offers tangible benefits for vendors, developers and enterprises alike."

Companies often deploy separate encryption and key management systems for different business uses, such as laptops, storage, databases and applications, and until now cumbersome - often manual - efforts were necessary to generate, distribute, vault, expire, and rotate encryption keys. This has resulted in increased costs for IT, difficulty meeting audit and compliance requirements, and lost data.

"The IT community is asking for open standards and interoperability to help meet the increasing demand for encryption," says Laurent Liscia, executive director of OASIS. "We applaud Brocade, HP, IBM, LSI, RSA, Seagate and Thales for choosing to advance KMIP through the open standards process, and we encourage others in the security community-both users and providers-to participate in the standardization of this very important work."

Developed by leading enterprise storage, systems and security vendors, KMIP is designed to provide a single, comprehensive protocol for communication between enterprise key management services and encryption systems. Brocade, HP, IBM, LSI, RSA, Seagate and Thales are committed to delivering KMIP-enabled solutions. By taking advantage of KMIP-enabled software and devices, companies will be able to cut operational costs and reduce risk by removing redundant, incompatible key management processes.

Streamlined key management is essential in a wide variety of data management processes. For example, the data recovery process requires locating encryption keys quickly even for tapes created weeks or months earlier. At the same time, this efficiency must not impact the security of keys or violate corporate policies regarding how keys are stored and distributed . KMIP enables vendors to address this need for enterprise-wide key management, providing customers with better data security and decreased expenditures on multiple key management products and operations.

KMIP is the first specification for enterprise key management that is ready for adoption. It was developed to support other industry standardization efforts and is complementary to application-specific standards projects such as IEEE 1619.3 (for storage needs) and OASIS EKMI (for XML needs).

About the Key Management Interoperability Protocol (KMIP)

The Key Management Interoperability Protocol (KMIP) enables key lifecycle management. KMIP can be used by both legacy and new encryption applications, supporting symmetric keys, asymmetric keys, digital certificates, and other "shared secrets." KMIP offers developers templates to simplify the development and use of KMIP-enabled applications.

KMIP defines the protocol for encryption client and key management server communication. Key lifecycle operations supported include generation, submission, retrieval, and deletion of cryptographic keys. Vendors intend to deliver KMIP-enabled encryption applications that support communication with compatible KMIP key management servers.

More information can be found at http://xml.coverpages.org/KMIP/

About EMC

EMC Corporation (NYSE: EMC) is the world's leading developer and provider of information infrastructure technology and solutions that enable organizations of all sizes to transform the way they compete and create value from their information. Information about EMC's products and services can be found at www.EMC.com.

Brocade® (Nasdaq: BRCD) develops extraordinary networking solutions that enable today's complex, data-intensive businesses to optimize information connectivity and maximize the business value of their data. For more information, visit www.brocade.com.

Thales is a leading international electronics and systems group, addressing defense, aerospace and security markets worldwide. Thales's leading-edge technology is supported by 22,000 R&D engineers who offer a capability unmatched in Europe to develop and deploy field-proven mission-critical information systems. To this end, the group's civil and military businesses develop in parallel and share a common base of technologies to serve a single objective: the security of people, property and nations. The group builds its growth on its unique multi-domestic strategy based on trusted partnerships with national customers and market players, while leveraging its global expertise to support local technology and industrial development. Thales employs 68,000 people in 50 countries with 2007 revenues of €12.3 billion. www.thalesgroup.com

Press Contacts

Erin Collopy,
HP
(408) 390-6783
erin.collopy@hp.com

Liz Harris,
Thales
+44 (0)1223 723612
liz.harris@thales-esecurity.com

Jenn McManus-Goode,
RSA (781) 515-6313
jmcmanus@rsa.com

David Szabados,
Seagate
(831) 439-2859
david.szabados@seagate.com

Brian Garabedian,
LSI,
(408)433.8253
brian.garabedian@lsi.com

Michelle Lindeman,
Brocade
(408) 333-5319
mleach@brocade.com

Leigh Ann Schmidt,
IBM (914) 766-1362
leighanns@us.ibm.com

NOTE: This release contains "forward-looking statements" as defined under the Federal Securities Laws. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) adverse changes in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) our ability to protect our proprietary technology; (iv) risks associated with managing the growth of our business, including risks associated with acquisitions and investments and the challenges and costs of integration, restructuring and achieving anticipated synergies; (v) fluctuations in VMware, Inc.'s operating results and risks associated with trading of VMware stock; (vi) competitive factors, including but not limited to pricing pressures and new product introductions; (vii) the relative and varying rates of product price and component cost declines and the volume and mixture of product and services revenues; (viii) component and product quality and availability; (ix) the transition to new products, the uncertainty of customer acceptance of new product offerings and rapid technological and market change; (x) insufficient, excess or obsolete inventory; (xi) war or acts of terrorism; (xii) the ability to attract and retain highly qualified employees; (xiii) fluctuating currency exchange rates; and (xiv) other one-time events and other important factors disclosed previously and from time to time in EMC's filings with the U.S. Securities and Exchange Commission. EMC disclaims any obligation to update any such forward-looking statements after the date of this release.

* 1 TB = 1,000,000,000,000 bytes.

Copyright© 2009 Iomega Corporation. All rights reserved. Iomega, REV, and StorCenter are registered trademarks of Iomega Corporation in the United States and/or other countries. EMC, LifeLine, Mozy, RSA and Retrospect are trademarks or registered trademarks of EMC Corporation or its subsidiaries. All other trademarks are the property of their respective holders.

Notes: