Press Releases

Irvine, Calif. - June 11, 2008 - Uniloc Inc., the leader in device-based authentication, today announced its top ten rules for securing SCADA networks and Industrial Control Systems. Uniloc's advice comes at a time when threats to control systems can originate from numerous sources such as terrorists, industrial spies, disgruntled employees, malicious intruders, human errors and accidents, equipment failures, and natural disasters. Addressing this threat, Uniloc recently unveiled NetAnchor CIS^TM, a powerful device-based Identity and Access Management (IAM) appliance for securing critical infrastructures against such potentially catastrophic threats to water and power utilities, oil and gas infrastructure, transportation networks and large industrial environments.

In a paper entitled, Ten Rules for Combating Cyber Security Attacks on Critical Infrastructure, Jim White, head of Uniloc's infrastructure security group, presents guidelines for addressing challenges in securing the nation's critical infrastructure. The paper, available as a free download at www.uniloc.com, provides insight and strategies for protecting these sensitive networks.

"Following the release of our NetAnchor CIS critical infrastructure security solution, many customers asked us to send them basic information about how best to secure their SCADA networks," said Jim White, VP, Business Development for Uniloc. "After receiving significant feedback from the industry, it is in the best interest of our nation that those managing its critical infrastructure have the most advanced technology and methodologies available for securing these networks."

Uniloc's Top Ten Rules for Combating Cyber Attacks on Critical Infrastructure

Begin with your environment

1. Do Serious Risk Analysis. Determine what your exposure is to identified threats, their consequences, cost of mitigation and risk tolerance. Create a risk profile of critical assets, using it as a basis to develop policies and procedures prior to deploying technologies.

2. Implement policies and procedures. Before implementing any technical solution, create a comprehensive set of policies and procedures that serve as guidance to operators, security personnel, vendors, and anybody who could have access to or contact with SCADA systems.

3. Ignore training at your peril. Often overlooked, staff training is one of the most important components of a good security plan. Having the right technical policies, procedures and infrastructure is useless without people knowing how to properly use them. Training should encompass all aspects of your security plan.

4. Make security policies as important as safety policies. You should have zero tolerance within the organization for security breaches across any aspect of your SCADA environment. Such breaches can lead to loss of life, bodily injury or other consequences such as a detrimental impact on the environment or local community.

5. Integrate physical and cyber security. Physical access controls and surveillance technologies need to be integrated into an overall cyber security infrastructure. Just as SCADA has migrated to the use of IP protocols and COTs technologies, access and surveillance functions have moved in parallel. Integrating these functions creates a coordinated approach to protecting critical systems.

Know your enemy -- better yet, know your friends

6. Create a "trust" zone. Isolate cyber assets from all personnel except those specifically authorized. Focus on methodologies and technologies that authenticate and authorize only those who are trusted and prohibits all others by default.

7. Establish authentication for users and devices/systems. Device/system "fingerprinting" provides the first layer in creating a "cyber fortress" architecture. Such architecture creates a trust perimeter for both SCADA systems and access clients based on the actual physical fingerprint authentication of systems and devices.

8. Strictly enforce privileges. Ensure that only authenticated systems and clients are allowed to communicate across an encrypted communications channel. All applications should use Role Based Access Control (RBAC) at both the application and device level. Device fingerprinting technology allows RBAC to be implemented at a level that has not been available before -- the device itself.

9. Use dynamic password methodologies. Periodically changing passwords is a best-practice policy worth following. However, in some cases the policy can be restrictive and unenforceable. Using a dynamic challenge and response mechanism between hardware devices creates a hardware password that is enforced dynamically and only known between trusted devices.

10. Adopt physical device recognition. Many companies seek to mitigate the risk of problems caused by humans (traditionally the 'weak link' in security systems) by using multi-factor authentication, notably human biometrics such as retina scanning, smart cards, and fingerprinting. While all of these serve to identify an authorized user, most are not practical in an industrial environment. The best solution is to include a user's computer as part of an identity and access control solution, validating identity through multi-factor identification.

About NetAnchor CIS

NetAnchor CIS protects SCADA networks using Uniloc physical device recognition to restrict access to distributed field components to designated computers used by authorized personnel at the control center and in the field. With NetAnchor CIS, an authorized user must be on an authorized device to access control system networks. NetAnchor CIS provides notification and location of unauthorized connection attempts to the NetAnchor CIS Virtual Private Network (VPN) as well as attempted physical connection attempts to a NetAnchor CIS field security appliance. NetAnchor CIS also shields control systems against malicious code threats, ensuring against network vulnerabilities and allowing centralized field security monitoring.

About Uniloc Device-Based Authentication

Physical Device Recognition (PDR) is the core technology behind NetAnchor CIS and is based on the fundamental principle that no two digital devices are identical. The process of physical device recognition starts by generating a digital identity for a device, known as its "Physical Device Fingerprint." A physical device fingerprint is made up of a combination of machine characteristics and properties that are generated using a set of proprietary algorithms. The Uniloc Physical Device Fingerprinting algorithms allow the unique, reproducible identification of a device with an accuracy greater than 3.4 * 10^38, allowing Uniloc to identify devices with more comparable accuracy than human DNA testing. When applied to NetAnchor CIS, the stage is set for this device-based authentication to stand as the leading access control solution for infrastructure security.

About Uniloc

Uniloc USA is the technology leader in electronic Physical Device Recognition (PDR) for critical infrastructure security. The core technology platform driving Uniloc innovation is physical device fingerprinting, the company's patented method of uniquely identifying a user device, such as a PC or PDA, by the naturally occurring, inherent physical imperfections of that device, and then incorporating that physical device fingerprint into licenses or access credentials. Uniloc's technologies can identify devices with more comparable accuracy than human DNA. Uniloc is the inventor and holder of the seminal physical device locking patent (U.S. 5,490,216) and has 9 related patents pending. Uniloc has applied its Physical Device Fingerprinting technical expertise to several vertical markets, including software publishing, network authentication, transportation, social networking and DVD retailing.

Irvine, Calif. - June 5, 2008 - Uniloc USA Inc., the leader in physical device recognition for IP protection and license management, today unveiled its top five software licensing strategies for improving the software user experience, reducing software piracy and driving increased sales. Software publishers finding themselves faced with the complexities of customer service, hacker-based revenue loss and evolving market demands seek guidance to remedy these issues. Assisting software publishers, Uniloc's Casey Potenzone provides strategies for growing software organizations by applying next-generation software licensing technology.

Software publishers are frequently challenged with maintaining customer satisfaction to drive product adoption while counteracting piracy. Furthermore, models of distribution are evolving with new and ever expanding partnership and affiliate channels, overseas distribution mechanisms, and new licensing models such as software-as-a-service bringing new complexities. Regional levels of piracy vary dramatically, necessitating more flexible licensing models that can adapt to such variations. Recognized as some of the industry's toughest problems for software publishers, they are readily addressed with the right approach to licensing.

In a paper entitled, Strategies Addressing the Top Five Software Licensing Challenges, Potenzone presents strategies, technologies and guidelines for taking software publishers to the next level from a licensing and IP protection perspective. The paper, available as a free download at www.uniloc.com, provides a detailed view of these challenges and solutions.

1. Strategy: Don't lose touch with your customer when expanding sales channels

Second only to a quality product, a publisher's software sales and marketing strategy is at the core of its ability to sustain and grow revenue. Retail, channel and direct distribution models are now complemented by a variety of e-Commerce and electronic distribution solutions that often separate the publisher from the end customer.

Each of these channels represents significant upside for the publisher, but also create additional walls between them and their end-user. This separation between publisher and user all but prevents the publisher from delivering timely information such as patches, upgrades, new features or other product messaging.

2. Strategy: Implement licensing that lets your business develop

roperly implemented licensing technologies should allow sales and marketing professionals to rapidly create new and forward looking business models around customer needs and next generation requirements. Increasing opportunities for affiliate distribution and partnerships require publishers to be able to rapidly and securely create new product bundles and licensing configurations, such as subscription and run-based meters, without creating increased development or operational costs.

A publisher's success in new markets is typically dependent upon their agility. Exploring new distribution opportunities should not have a six figure engineering price tag, nor should it involve risking your core IP. Uniloc's SoftAnchor^TM licensing solution allows software publishers to create new models and product bundles without involving development teams and can often be accomplished in just a few hours, without compromising security.

3. Strategy: Design polite copy control around your audience

There are several simple principles for software licensing that cannot be neglected. When a user loses a piece of their hardware to equipment failure, the software should not fail as well. Tolerate change to an end-user's computer, including installation of a new hard drive, sound card or other replacement. Empower your users with self-service mechanisms. Power users will understand your licensing policies and are often very vocal. Provide a simple help system that tells them how many licenses they have and what they can do with them. Also provide users with the ability to uninstall a license and move it to a new computer.

4. Strategy: Be flexible, regardless of the medium

One time product activation works. Users understand that products are licensed to their computers. Depending on the presence of a disc ensures that you have to ship discs to grow revenue. Instead, allow the disc to become the distribution medium and activate the device. Leverage a solution that ties product activation to the physical device, not the operating system or the disc, and certainly not the dongle.

5. Strategy: Knowing your piracy impact with 100% accuracy drives smart decisions

The well-documented and publicized bane of software publishers is software piracy. While the threat has always been estimated, it has been impossible for most publishers to perform real-time audits, until now. New technologies allow auditing with 100% accuracy and provide software publishers with a real-time metric on their software piracy. Global piracy auditing will become a fundamental business measurement of software publishers who will use this data to defend corporate IP and increase profitability.

"The common thread of the top five software publishing challenges is the maintaining balance across piracy controls, licensing flexibility and the user experience. With new technologies, including polite software copy protection, license auditing, license throttling and global piracy tracking, the tools to maximize profitable revenue streams are now available," said Casey Potenzone, CIO of Uniloc. "Another benefit to these new technologies is that they are developed for fast and seamless integration into existing software offerings, significantly reducing time-to-market. The future for the software industry is bright and strategies that include such tools will help take software publishers to greener pastures."

About Uniloc USA

Uniloc USA is the technology leader in electronic Physical Device Recognition (PDR) for software copy control and information security. PDR is Uniloc's patented method of uniquely identifying a user device, such as a PC, game console, smart phone or cell phone, by the naturally occurring, inherent physical imperfections of that device, and then incorporating that physical device fingerprint into licenses or access credentials. Uniloc's technologies can identify devices with more comparable accuracy than human DNA. Uniloc is the inventor and holder of the seminal physical device locking patent (U.S. 5,490,216) and has 15 related patents pending. Uniloc has applied its Physical Device Recognition technical expertise to several vertical markets, including software publishing, network authentication, transportation, social networking and DVD retailing.

Irvine, CA - June 2, 2008 - Uniloc USA Inc., the leader in device-based authentication for software license management and access control today announced a joint software copy protection service with Avangate. Avangate, a full service provider of electronic software distribution and reseller management for software vendors and Uniloc are partnering to offer a complete service for software copyright protection, available as Avangate CodeBox. The solution minimizes software piracy risks and visibly increases revenue for software publishers while providing a positive end-user experience.

Avangate CodeBox integrates three modules: Uniloc SoftAnchor^TM, the Avangate® License Management Module, and the Avangate advanced antifraud system for advanced software copy protection.

"By pairing the Avangate electronic software registration and e-commerce solution with SoftAnchor, we are providing sophisticated license protection for our software partners while delivering user-friendly software activation for their customers." said Cristian Badea, Chief Information Officer for Avangate. "Uniloc's advanced software copy protection capabilities will be a tremendous facilitator in our delivery of premier software offerings."

Having a licensing strategy is mandatory in order for a software business to address both software piracy challenges and user demands for a truly user friendly experience. The ability to manage software activation in real time allows developers to increase or decrease software activation parameters to strike a balance between help desk calls and piracy protection while optimizing viral marketing models.

"Uniloc's partnership with Avangate is a symbiotic venture of perfectly matching services. Together we can provide a stable and unique solution that protects software vendors' revenue and client portfolio," says Casey Potenzone, CIO of Uniloc. "Avangate CodeBox integrating SoftAnchor provides a competitive advantage for software publishers answering real software business challenges including copyright protection, end-user experience and secured payments."

How it works

Avangate's integration with SoftAnchor allows Avangate's software partners to add an enhanced layer of copy protection to sold licenses, minimizing piracy risks while taking control of licenses currently in use. Combined with Avangate's License Management Module and advanced anti-fraud services, the Avangate CodeBox, jointly provided by Avangate and Uniloc, delivers an easy-to-use software registration process and transparent integration within the online ordering process creating the ultimate customer end-user experience.

About Avangate B.V.

Avangate B.V. provides solutions for electronic software distribution and reseller management, assisting software companies worldwide in successfully selling their products online and at the same time efficiently managing a distribution network. The company's offer includes an eCommerce platform incorporating an easy to use and secure online payment system plus software marketing services and additional marketing and sales tools such as an affiliate network, automated cross selling options, software promotion management, real time reporting, 24/7 shopper support, and the ARMS reseller management program specifically designed for software sales. More information can be found on the corporate website, at www.avangate.com

About Uniloc SoftAnchor

SoftAnchorp polite software activation addresses the delicate balance between IP protection and call-center free user operation. The SoftAnchor licensing solution leverages Uniloc's patented physical device locking technologies and enables developers with unparalleled security through fully embedded security configurations. SoftAnchor's thousands of code variations and obfuscation practices ensure maximum code enforcement - and the highest hack-resistance available. Unlike other one-solution-fits-all anti-piracy measures, if any one title is ever somehow cracked, that same crack will not apply to any other products. SoftAnchor supports a wide range of licensing variations, enabling clients to move into emerging markets throughout the global economy.

About Uniloc

Uniloc USA is the leader in electronic physical device recognition for software copy control and information security. The core technology driving Uniloc innovation is Physical Device Recognition, the company's patented method of uniquely identifying a user device, such as a PC, embedded device, smart phone or cell phone, by the naturally occurring, inherent physical imperfections of that device, and then incorporating that physical device fingerprint into licenses or access credentials. Uniloc's technologies can identify devices with more comparable accuracy than human DNA. Uniloc is the inventor and holder of the seminal physical device locking patent (U.S. 5,490,216) and has 15 related patents pending. Uniloc has applied its Physical Device Recognition technical expertise to several vertical markets, including software publishing, government network access control, online banking and trading, and CD/DVD anti-theft.