Bluefire Disables Bluetooth and Infrared Device Communication With New Version Of Mobile Security Software

BALTIMORE – May 4, 2004 – Bluefire Security Technologies announced today the availability of a major new version of its mobile security software, Bluefire Mobile Firewall Plus 3.0, the only complete handheld security solution available combining multiple security features with strong management capabilities. Faced with the growing security threat created by mobile devices with Bluetooth and Infrared connectivity, security administrators can use the upgraded version of Bluefire Security’s flagship product to disable these communication capabilities before an enterprise deployment of personal digital assistants (PDAs) or converged devices.

The vulnerability of Bluetooth-enabled mobile devices, as demonstrated by frequent break-ins over the past year, has raised serious concerns among the security community. Since most PDAs and smart phones come standard with Bluetooth or Infrared built-in, administrators need to disable these capabilities before issuing the devices to employees and risking information theft or backdoor exposure to the enterprise. Planning to issue 900 Hewlett-Packard iPAQ PDAs to its employees, an agency of the U.S. Department of Homeland Security will increase security protection of its PDAs through the use of Bluetooth-disabling, pre-installed Bluefire software.

To assist companies and government agencies with managing the threat from hackers willing to expose weaknesses in the handheld computing platform, Bluefire Security will now make available a handheld vulnerability alert service from its Cambridge, Mass.-based Handheld Security Research Lab. Organizations can subscribe to an e-mail alert service or use Bluefire Security’s Web site to receive existing and future vulnerability information, a first line of defense against would-be criminals.

“The handheld computing platform presents a unique set of security and performance challenges,” said Mark Komisky, chief executive officer of Bluefire Security. “We routinely dissect these devices to better understand their vulnerabilities and find the holes before the hackers do. Now, for the first time, we will make this information available to the public to help combat hackers.”

Bluefire Mobile Firewall Plus is the only complete mobile security solution on the market, providing firewall, intrusion detection, integrity management, encryption, device authentication and policy-based enterprise security management features. Bluefire’s software runs on most Windows Mobile-based mobile devices.

“The Windows Mobile software platform was designed to empower our partners to create new and innovative applications for mobile devices,” said Julie Wymetalek, manager of the Mobility Partner Advisory Council at Microsoft Corp. “Combining the power of Mobile Firewall Plus 3.0 and Windows Mobile software, Bluefire is providing IT managers and government agencies with robust technology to manage security on their employee’s mobile devices.”

Version 3.0 builds on this development strategy with the following key new features:

Wireless WAN Firewall – firewall protection for mobile devices operating in both wireless WAN and LAN environments.
FIPS 140-2 Validated Cryptographic Module – AES (Advanced Encryption Standard)-based encryption combined with a FIPS (Federal Information Processing Standards) 140-2 validated cryptographic module, the benchmark for security within government departments and agencies.
Folder Encryption – encryption of data files, storage cards and personal information, including mailbox, contact, calendar and task databases.
Password Override – device user permission to access the device if the user has forgotten the password.
Microphone and Speaker Disablement – disablement of microphones and speakers on mobile devices.
Accelerated Deployment/One-Click Installation – deployment capabilities that require minimal administration, speeding installation – a significant timesaver for organizations with large mobile device populations.

“We offer forward-thinking companies a long-term solution to their mobile security concerns,” said Komisky. “Our product development strategy is to avoid the one-trick-pony solutions common in the marketplace and offer a fully developed solution with multiple security features and a strong management capability that will enable organizations to stay responsive to the ever-evolving mobile security threat.”

About Bluefire Security Technologies
Bluefire Security TechnologiesTM develops security software that protects wireless handheld devices, data and networks. The company’s flagship product, Bluefire Mobile Firewall Plus, is the industry’s first complete security solution for handheld devices, providing firewall, intrusion prevention, integrity management, encryption, authentication and policy-based enterprise security management features that enable the safe use of mobile and wireless applications. Bluefire’s technology is being deployed across a wide-array of mobile enterprises including those in government, health care and the financial services industry. Bluefire Mobile Firewall Plus is available for purchase on the federal GSA schedule (GS-35F-0279J) and SEWP III contract. For more information, visit www.bluefiresecurity.com or call (410) 637-8160.