updated 03:00 am EDT, Wed September 26, 2012
Smartcard dongle has strong security, no need for software
On Tuesday, security and ID management company Route1 debuted its latest security solution for OS X and enterprise users, the MobiKey Classic 2. The USB key, which is clientless and driverless and so works on both Macs and Windows machines, contains an embedded smartcard so that users can access remote networks with very high security, meaning their own notebooks or other devices never actually store secure data that could be lost or stolen. Access stays behind a company firewall and prevent the transmission of malware.
The MobiKey itself is cryptographically protected and can be locked if lost or stolen, but requires no pre-installed software so can be used with any computer. The company cites the high percentage of data breaches that occur on notebooks and portable devices as being an issue the MobiKey Classic 2 prevents, since sensitive data never leaves the institution's control and is not stored on the local device. Route1, which is based in Toronto, says the Canadian government and the US Departments of Defense, Interior, Energy and Homeland Security are among its clients.
The device uses multi-factor authentication to access remote servers, meaning that users must not only have the MC2 plugged in but also know the access password in order to be let into the system. By not having to carry sensitive data with them, users reduce the risk of theft, prevent accidental malware exposure and can use any computer using Windows or OS X and an Internet connection securely. Rather than authenticate devices, which could fall into the wrong hands, the system is designed to ensure that the right individual is logging in.
Apart from the $400 cost of the MC2 itself, no additional servers or devices are needed, nor is any software installation or administrator privileges required on the remote device. No "footprint" is left behind from MC2 users when they log out of a remote session.