Utimaco Takes Leading Role in Preparing Companies to Meet State Encryption Mandates

Upcoming Presentations and Free Trial Software to Help Organizations Prepare for Massachusetts Encryption Legislation That Goes Into Effect May 1, 2009

Foxboro, Mass., US/ Oberursel, Germany, November 21, 2008 / Utimaco – The Data Security Company, today announced a series of efforts to help companies prepare for, and be compliant with, new encryption legislation mandated by the state of Massachusetts that will take effect May 1, 2009. Utimaco’s ongoing education campaign—comprised of webinars, live presentations, industry surveys, free software offers, and compliance counsel—will arm CIOs and IT managers with knowledge, best practices and new technology to adjust their security practices to comply with current and future mandates.

The new legislation, 201 CMR 17.00: Standards for the Protection of Personal Information of Residents of the Commonwealth, will require any company doing business in the state, or one that holds personal data of Massachusetts residents, to encrypt that data on laptops or other portable devices. The mandate will likely have national implications, as many organizations have customers or conduct business within Massaschusetts, even though they may be headquartered elsewhere. While data breach disclosure legislation has been in place in many states for some time, encryption-specific data security laws have only recently become the focus of lawmakers, with Nevada passing the first encryption law that went into effect on October 1, 2008. Other states, such as New York and California, are already considering similar legislation.

A series of initiatives to help companies comply
To help companies ensure compliance in advance of the deadline, Utimaco will host a series of presentations in the coming months to bring clarity to the legislation and provide recommended best practices. Among the topics that Utimaco will address:

• 201 CMR “101”: understanding how your company is impacted by new rules
• Knowing where your critical data lies and the effectiveness of your current risk mitigation procedures
• Creating and enforcing a security policy that meets your data security needs
• Knowing when and how to upgrade data security solutions
• Best practices for encrypting devices and protecting records that pass through public networks

The first of these presentations will be addressed as part of Utimaco’s ongoing Seminar Series held in conjunction with Microsoft and Lenovo. The discussion will take place on Thursday, December 4, 2008 at Microsoft’s Massachussets office at 201 Jones Road, Waltham, 8:30am to 1:30pm EST. Seating is limited, register today to attend. Also in December, Utimaco will survey attendees at the SC World Congress in New York, Dec. 9-10 at the Javits Center, to shed light on how prepared today’s oragnizations are to comply with the regulations, and gauge additional regulatory measures they expect the government to enact.

After SC World Congress, Utimaco will embark on a series of Webinars, hosted by Utimaco’s Head of Product Marketing and recognized security expert Nagraj Seshadri, to overview how new technology and stricter corporate security policies can help organizations comply as the deadline looms. Moreover, Utimaco’s professional services team will offer specific advice to customers that need help deciphering the mandate and determining their best path toward compliance.

Bolster compliance with free trial software
Ahead of the deadline for compliance, Utimaco will offer a free trial of its SafeGuard data security solution providing companies with comprehensive encryption on laptops, USB drives and other removable media that require encryption according to the mandate. Utimaco SafeGuard products includes easy deployment and intuitive, tamper-proof endpoint monitoring. Those interested in obtaining a trial download can obtain more details by visiting http://www.utimaco.com

“The Massachusetts mandate will no doubt usher in additional regularly mandates from the state and federal governments, which have increasingly realized the importance of properly protecting personal and other confidential data,” said Craig Bumpus, COO, Utimaco Americas. “By preparing in advance and understanding the issues and actions needed to be compliant, companies can avoid being overwhelmed as the deadline approaches. Our goal is to help organizations remain proactive about their security strategies and continue to provide the best encryption solutions available to meet ever-changing compliance needs.”

About Utimaco Safeware AG – The Data Security Company.
Celebrating 25 years in business, Utimaco is a leading global provider of data security solutions, enabling mid- to large-size organizations to safeguard their data assets against intentional or accidental data loss, and to comply with privacy laws. Utimaco’s complete range of data security solutions provide full 360 degree data protection for data at rest, data in motion and data in use. Utimaco offers its customers comprehensive on-site support via a world-wide network of certified partners and subsidiaries. Utimaco Safeware AG, with headquarters in Oberursel, near Frankfurt, Germany, is listed on the Frankfurt Stock Exchange (ISIN DE0007572406). For more information please visit www.utimaco.com.

Additional information:
Utimaco Safeware AG –
The Data Security Company.
http://www.utimaco.com
Deb Symons
Tel: +1 508-543-1008 x222
E-Mail: deb.symons@utimaco.com

Media Contacts:
Version 2.0 Communications
Rob Halpin
Tel: +1 617-426-2222 ext. 117
E-mail: rhalpin@v2comms.com