Solving the Productivity vs. Security Dilemma

Many of us find ourselves processing email while on the road. In fact, sitting on a plane, or while waiting for one, is probably the best time to catch up on a stuffed inbox.

However, when we’re away from the office, we’re at our most vulnerable point with respect to viruses and malware. While we’re away, we access the Internet via insecure public networks (hotel rooms, coffee shops etc.), which lay us wide open to infection from the Internet as well as others using the same network. We have to learn how to negotiate with our desktop firewalls and configure our VPN client software, and many of us get so frustrated that we have learned to bypass these obstacles, even if it means that we compromise on security.

This is not only a problem for individuals — it is a problem for companies, too. After you’ve taken your laptop on the road and possibly got it infected with malware or spyware, what do you think can happen when you return to the office and connect to the company network? I still have vivid memories of being hit by the Code Red virus in 2001 in a hotel room over a dial-up connection, despite my up-to-date anti-virus program. Had I not realized immediately that my machine was infected, it would have attacked my company’s network from the inside when I got back to the office. I also know first-hand of at least one incident at a major US corporation where an employee returned from a business trip and started a virus outbreak the minute he connected his laptop to the network.

Conventional thinking has it that productivity and security are like a see-saw; if productivity goes up, security goes down, and vice-versa. Microsoft could not have been as successful with their operating systems and Office products had they been overly concerned about security from the outset, instead of focusing on usability.

This poses a rather challenging paradox:

  • Laptop security needs to be considerably beefed up, to a level that is on a par with the security policy enforced by the corporate network gateway appliances.
  • At the same time, this security needs to be so easy to use, that it becomes the path of least resistance — it must be totally transparent to the end user, just like the appliances that filter traffic at the corporate gateway.

Yoggie Gatekeeper ProI’m currently beta testing Yoggie Gatekeeper, a pocket-sized appliance that solves this exact conundrum. It connects to your laptop’s network port or USB interface and scans all incoming and outgoing network traffic. It is one of the simplest appliances I’ve ever used — literally plug and play. It is packed full of enterprise grade security scanners: firewall, intrusion detection/prevention system (IDS/IPS), anti-virus, anti-spam, anti-phishing, web filtering. I’m not going to get into the technical stuff — that’s available at www.yoggie.com.

For companies, it allows central management of the security policy, allowing the administrator to guarantee a high level of security, and do this completely transparently as far as the end user is concerned. It also contains a VPN client, so the user won’t ever have to fiddle with the network settings, and shouldn’t have any problem accessing corporate resources over the Internet. It can even provide a very convenient way to deploy a VPN, for those companies that have not yet done so.

By offloading much of the security processing to the Yoggie Gatekeeper, which includes a powerful processor and 128MB of RAM, there are significant benefits to be had:

  • Performance: your laptop does waste resources on performing VPN encryption and decryption — this is done by the Yoggie Gatekeeper. Your desktop anti-virus and other security systems can remain tuned for the same level of security they provide when you’re inside the relative safety of the corporate network, i.e. not too aggressive, but powerful enough to provide an extra layer of insulation, just in case. This leaves maximum resources available to get your job done.
  • Security: a layer of hardware between your laptop and the network can go a long way to insulate your laptop from attack — the Yoggie Gatekeeper will take the knocks instead of the laptop.

Yoggie Gatekeeper is expected to be available by the beginning of 2007 and will cost around $200 per unit. The value to companies is clear, but on an individual level, just being able to sit in a coffee shop and surf the internet with a carefree smile is well worth it.

[Disclosure: On the strength of a long-standing relationship with the makers of the Yoggie Gatekeeper, and a common background in security appliances (I used to manage a security appliance product line), I received a free unit to test. My only obligation is a gentleman’s agreement to supply the people at Yoggie with regular and detailed feedback, which I’m very happy to do. I am under no obligation to write about it, and if I choose to write about it, I’m not subject to any restrictions.]

Advertisements

4 responses to “Solving the Productivity vs. Security Dilemma

  1. That device is sheer brilliance! If I wasn’t comfortable toying with my computers security configuration myself, I would get one in a heartbeat!

    Sometimes having a seperate physical device can give users real confidence because they can ‘see’ it working and when its not there they know its not. Instead of just hoping their anti-____ software is working correctly all the time.

    – Ed

  2. really keen to find out how the Yoogie goes. Might be an amazing solution!

  3. Since this article, has anyone heard the results of the beta tesing of yoggie gatekeeper pro?
    Please post the findings!

  4. Traci: I don’t go anywhere without my Yoggie. When I’m on a wireless connection, there’s no better protection!

    Three minor things I don’t like about it are:
    1. When I’m using my laptop on my lap, the Yoggie dangles down awkwardly.
    2. The Yoggie reduces the amount of time I can work using my laptop’s battery, as it takes power from the computer via the USB cable.
    3. I have to disable the Yoggie in order to print to my network printer — there is currently a problem with resolving Windows network machine names. This would be easy to solve by adding an entry into my Hosts file, but I haven’t bothered.

    IMHO the above problems are a very small price to pay.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s