San Jose, California, February 5, 2007 – SPYRUS, Inc., an innovator in portable hardware security products and solutions, today used the RSA Conference 2007 to announce the availability of its next generation Hydra Privacy Card® (Hydra PC™) Series II version 2.0 USB personal encryption device with major new security features. The new Hydra PC Series II v2.0 device provides superior security and compliance features for securing sensitive data on removable memory devices that can easily be lost, stolen or misused.

With a number of high profile data breaches in the news during the past year, unsecured data on memory drives poses significant compliance issues for organizations. Statutes and regulations such as the Gramm-Leach-Bliley Act, California SB-1386, the Payment Card Industry Data Security Standard, and the Health Insurance Portability and Accountability Act (HIPAA) call for the protection of personally identifiable information (PII). Adopting the Hydra PC Series II v2.0 would comply with all of these legislative requirements while providing individuals with the flexibility to easily and securely use corporate critical data in remote and mobile situations.

The proliferation of mobile devices such as laptops, thumb drives, external portable drives, and smart phones with huge amounts of memory storage significantly increases the likelihood of data theft, loss or misuse of sensitive personal and enterprise data, and identity theft. Encryption provides some level of protection, but security policies that dictate how personnel can access, store, or travel with sensitive data are often violated, either accidentally or intentionally.

“Many of the data breach incidents reported over the past two years are from insiders who are trusted, authorized users,” said Tom Dickens, Chief Operating Officer, SPYRUS. “Hydra PC implements our innovative split knowledge mechanism that does not explicitly trust either a user or computer. We split the knowledge, or secret, between people, machines and our product so that data walking out the door can’t be copied to an unauthorized machine at home.”

The new features of the Hydra PC Series II v2.0 personal encryption device announced today solve issues of data protection on mobile devices and the intentional or inadvertent policy violation by employees for storing, accessing, transporting and protecting data. These features include the following:

• Encrypted files can be stored on miniSD storage cards, on the computer’s hard drive, on a shared network drive, on an external storage drive, or even on an Internet-accessible storage drive such as Yahoo Briefcase. This feature helps protect data-at-rest (DAR) and data-in-transport (DIT).
• All data is encrypted and sealed on a file-by-file basis in the Hydra PC hardware, ensuring that rogue software or malicious viruses cannot compromise any files or data.
• The Hydra PC implements a Host Authorization Code mechanism, a unique SPYRUS technological breakthrough, so the Hydra PC will only function when used with computer platforms authorized by administrative policy. This prevents a user from removing sensitive data at the office and using an unauthorized computer at home or elsewhere to either maliciously or inadvertently cause a data security breach.
• A unique Hydra PC Sentry feature locks out the use of unauthorized USB storage devices, Firewire disk drives, or any other mass storage class devices from the protected computer platform. This feature ensures compliance because users can’t violate policy by taking unencrypted data out of the office on unprotected storage devices.
• The encryption keys are destroyed and access to encrypted files is blocked after 10 incorrect PIN entries, rendering it completely useless to a hacker if the Hydra PC is lost or stolen.