Entrust First to Achieve Compliance with Stringent Government Requirements Through Upgrade to Flagship Desktop Security Platform

Company Furthers support for U.S. Government agencies by conforming with the new NIST Federal Bridge enabled profile and PKITS security test suite

12 May 2004

DALLAS - Entrust, Inc. [NASDAQ: ENTU], a world-leading provider of Identity and Access Management solutions, announced today that its newly upgraded desktop security platform is the first to be validated against the U.S. National Institute of Standards and Technology's Federal Bridge Enabled Path Validation Module, in addition to passing rigorous testing against the Public Key Interoperability Test Suite (PKITS) developed by NIST in conjunction with DigitalNet and the National Security Agency (NSA).

Validation against these authoritative and comprehensive conformance tests offers government and IT professionals an independent measure of software quality, and thus a lower-risk choice when selecting a desktop security solution. These latest standards specifically address challenges associated with communicating and collaborating amongst government agencies or organizations.

"The draft NIST Recommendation for X.509 Path Validation specifies the functionality that a path validation module must implement in order to be Bridge-enabled," said Tim Polk, PKI program manager, NIST.  "The comprehensive test suite found in PKITS consists of more than 200 tests and provides assurance that this critical security functionality is correctly implemented."

This standards achievement builds on the Entrust tradition of leading the market with security solutions that meet the stringent certification requirements set by independent third parties and governments. The validation coincides with the global availability of Entrust® Desktop Solutions 7.0, an upgraded suite of security software products that enables governments and enterprises to easily deploy and manage a common layer of security for their day-to-day desktop applications such as e-mail, remote access and collaboration.

"We have integrated Entrust credentials into our time reporting and other business systems since 1998, and we use their desktop solutions on Mac, Linux, and Windows platforms," said Sharon Wilder, public-key infrastructure manager at Pacific Northwest National Laboratory. "The Entrust environment gives the laboratory the ability to conform to government standards and regulations, including NIST FIPS 140-1, GPEA, eSign, and NIST's Federal Bridge-Enabled profile."  

The upgraded suite includes the following products, which are available now to customers:

• Entrust Entelligence™ Desktop Manager:  This underlying component of the suite provides a single, common layer of security across desktop applications. Transparent to the user, it provides automatic lifecycle management of a user's digital identity, and consistently applies centrally-defined policies and security settings. This extensible security layer is designed to meet stringent government security standards while being easy to use and manage.
• Entrust Entelligence™ E-mail Plug-in for MS Outlook:  A tightly integrated plug-in that allows users to digitally sign and encrypt e-mail messages at the click of a button, making it easy for users to send and receive secure communications. 
• Entrust Entelligence™ File Plug-in: This component provides automatic and transparent encryption of files in folders to protect sensitive information on workstations and laptops.
• Entrust Entelligence™ Sign-on:  This component allows users to enter a single password to log in once to Windows and all secured desktop applications. This simplifies the user experience while restricting access to the user workstation or laptop.
• Entrust Entelligence™ Installation Designer: This setup and deployment tool allows administrators to easily create custom, branded installation packages of the desktop software to distribute to end users.

Entrust is a leading security solution provider for over 1,250 customers, including more than 320 global government customers and has deployed cyber security solutions in more than 50 U.S. Federal government departments and agencies.

"We are especially pleased to be able to continue our longstanding commitment towards independent review and validation of our security solutions as we work with our customers to address their needs," said Kevin Simzer, senior vice-president, Entrust marketing. "Securing sensitive corporate or citizen data and applications in day-to-day business activities is an imperative. Our upgraded desktop security platform delivers government-strength security with a low cost of ownership."

Entrust Desktop Solutions 7.0 can serve as the desktop foundation for all three Entrust core security solutions:  Secure Data, Secure Messaging and Secure Identity Management. By securing digital identities and information, these solutions make it possible for organizations to extend new online services and access to customers, partners and employees, while improving compliance with regulatory demands for stronger internal controls and information privacy. For further information visit:  http://www.entrust.com/entelligence/desktop/index.htm

About PKITS
PKITS is a comprehensive X.509 path validation test suite that was developed by NIST in conjunction with DigitalNet and NSA. It validates the set of processes, technically known as certificate path validation, executed by users or applications that rely on digital identities. These processes determine whether the identity the user or application is planning to use is authentic, is issued by a trusted authority, is valid and is appropriate for the intended use.  For further information visit:  http://csrc.nist.gov/pki/testing/x509paths.html