With more corporate workers than ever working at home or in secondary locations at least part time, many enterprise security managers find themselves at a loss to control the security and integrity of the machines their users work on.
This can be especially troublesome when users bring files and documents from home or from the road and then save them to their corporate PCs, opening up the possibility of infections by viruses, Trojans or any number of other species of malware.
A small California security vendor on Monday released a new portable, secure appliance designed to help prevent these kinds of back-door infections. RedCannon Securitys KeyPoint, which plugs into a USB port, is roughly the size of a keyless entry remote for a car.
The appliance boasts a number of security capabilities, including an anti-spyware scanner, a secure e-mail client, encrypted storage and a “stealth” browser that leaves behind no traces of the users Web sessions on the PC.
“Security people want better visibility on the endpoint,” said John Myung, vice president of marketing at RedCannon, based in Fremont, Calif.
Once installed on a Windows PC, the appliance automatically performs a spyware scan and then reports back on whether the machine is safe for use.
The browser and mail client look and act much like their familiar Microsoft Corp. counterparts, Internet Explorer and Outlook, but with several security enhancements under the covers.
The browser stores all of the users temporary Internet files and cookies on the KeyPoint device, preventing subsequent users of a public or shared PC from tracking someone elses activities. This separation also can stop malware from grabbing personal data from these files and sending it back to attackers or advertisers.
The mail client works similarly, downloading mail messages via an SSL-encrypted session to the appliance itself and not to the local PC. The messages are stored on the KeyPoint token, and a copy of every message the user sends and received is also retained on the corporate mail server so that it can be synchronized with the users normal mail client. The client works with any POP3 mail application, and users can import their address books from Outlook.
The appliances usable storage capacity is roughly 220MB on the 256MB version, and about twice that on the 512MB token. Files placed in the vault are encrypted using 128-bit AES (Advanced Encryption Standard) encryption, and users can simply drag and drop files and folders from their PC onto the device, Myung said.
KeyPoint also includes a central management feature that enables security managers to configure the appliances to their liking. For example, they can set up the devices to perform spyware scans at set intervals, track the site usage in the secure browser and preconfigure the address book on the mail client to permit communications only with specified addresses.
The 256MB token sells for $149, and the 512MB version is $299.