Feeds

USB stick security suite puts squeeze on software

Yoggie Pico offers baker's dozen

Combat fraud and increase customer satisfaction

Security startup Yoggie Systems has squashed 13 security applications - covering functions such as personal firewall, anti-spam, and anti-virus - onto a USB stick.

The Yoggie Pico is a slimline version of the firm's existing line of hardware security products (targeted at home office, road warrior, and consumer markets) as an alternative to conventional software security suites. Like its larger siblings, the Pico features 13 security applications on hardware running Linux. The Pico uses an Intel 520MHz PXA270 processor, a part more commonly found in recently released smartphones.

Once installed on a PC, all network traffic is run through the Pico, where junk mail and hostile traffic is blocked. This operation results in little or no latency, according to Yoggie, which touts the ease of use and performance advantages of the approach.

The device offers a full security suite on a USB stick with a raft of security defences more commonly only available to corporate intranets, business workers on the road, or consumers. Yoggie points out that software security products can be time consuming to install, difficult to manage, and subject to clashes with other applications. In addition, the hardware-based approach boosts the performance on either laptops or desktops by saving CPU, memory, and disk space.

On release, the Pico only works with Windows boxes (wags might say that's where it's most needed). Yoggie plans to develop Linux and Mac drivers. Yoggie Pico will go on sale from yoggie.com and through leading PC retail outlets round Europe and the US from September 2007 at a cost of around $179 (for consumer versions) and $199 (£106) for its enterprise equivalent.

All-in-one security appliances (so called God-boxes) have become popular in the enterprise and Yoggie is repurposing this approach - first with its existing Gatekeeper series and now with its little brother, the Pico. Described as a miniature computer, it runs a raft of applications including anti-spam, anti-virus, anti-phishing, anti-spyware, intrusion protection, firewall, web filtering, and a VPN client. Some of these applications were developed in-house, whereas others are licensed from third party vendors (e.g. Kaspersky for anti-virus, MailFrontier for anti-spam). Signature files are updated hourly.

For parents, the device offers the benefits of easily preventing unprotected or unauthorised net access. Removing the Yoggie Pico from the computer stops all network connections.

The Yoggie Pico comes in two flavours - the Yoggie Pico Personal for the consumer market and the Yoggie Pico Pro for the enterprise market. The latter features management hooks so the technology can be centrally controlled.

Performance problems after loading security products (to say nothing of security glitches) remain a bane in the life of Windows users, so handing over these functions to separate hardware certainly has its appeal, providing Yoggie is right about its claims that no latency is introduced. For organisations that have banned the use of USB ports on corporate machines using software, or gone even further by gluing them shut out of fears of data theft, the Pico-approach runs foul of other security policies so isn't an immediate option.

In the consumer market, price and a solid distribution strategy are all important factors. The promise of hassle-free hardware security is an interesting one. A retail price of £95 ($179) with licensing from year two at £16 ($30) works out at a bit more expensive than three security software packages and quite a lot more expensive than a Bluetooth USB adapter or wireless router, for example.

For what it offers, the Pico is competitively priced so much depends on whether it lives up to the promise of hassle-free computing. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.