MobiKEY: Poor man's VPN?

Need a secure way for workers to access machines from remote locations? MobiKEY offers hardware-based authentication and validation. My interest is definitely piqued.
Written by Ramon Padilla, Contributor
"MobiKey is the world's first USB thin-client for instant, secure remote computing. The latest edition to Route1's Mobi Solution family, MobiKEY simply plugs into a USB port to turn any internet-connected Microsoft Windows computer into an instant, secure Virtual Private Office, with computing, applications and data located elsewhere behind a firewall."

I saw a demo of one yesterday and I have to say that my interest has been piqued. The response was similar to a Citrix session (meaning it is as good as your network and the latency between client and host) and was easy to install and use. The basic idea behind MobiKey is that a host (the PC to be remote-controlled) is set up and registered with Route1 as a device that can be controlled by a particular MobiKey. The PC is left on (and hopefully locked by the user) and can be accessed by the authorized user by inserting the MobiKey into any USB port of any machine running MS Windows 2000 or later.

The MobiKey then contacts MobiNET and the user is prompted for a password. This password is validated using the MobiKEY's SIM Chip, granting access to the MobiKEY. Then, further security credentials are authenticated and MobiNET presents a list of available hosts to the MobiKEY user. Once the user chooses a host, MobiNET goes through a process of establishing an SSL session with the host, which allows the user to control the host securely – as in most thin client applications. The pricing given to me for the above was approximately $400 per device and a $40/month fee.

So what is this device really? A poor man's VPN? A way to deploy thin clients in the field? Or a way to quickly provide a secure connection to a machine in your network on the fly? Or maybe all the above?

My first thought when presented with the device was "cool, a VPN replacement." But that's not the case. In an emergency or disaster that destroys the physical infrastructure, knocks out power, etc.—if you have things set up correctly—you probably have back-up power for your server room and major network components. Therefore, even if all the power is off to your main offices, or your site no longer exists, a traditional VPN or Citrix-style solution allows you connectivity with the network and its resources. However, with MobiKey, the host PC has to be powered up and have an Internet connection.

That being said, smaller offices or organizations that do not have this standby capability could use it as a VPN, realizing that if physical disaster strikes, they may be out of luck. Notice I say "physical disaster," because Route 1 is positioning the device to be used during health/ecological disasters (say, an envelope of white powder is discovered in the mailroom) in which your infrastructure is fine but the people may be required to leave the office. Key users who have already registered their machines with MobiNET grab their stuff – (leave their PC on and locked) and go home. Once home, they plug the MobiKey into their PC and—ta da!—they are working securely from home as if they had not left the office.

Not a bad idea if your number of "key" individuals is fairly low, and you do not have a VPN or Citrix-style solution already in place for those individuals. This could be very important in your pandemic flu planning. My guess is that once your numbers start to grow greater than 50, deploying a Citrix server may be more cost-effective. However, giving Route 1 the benefit of the doubt, I have not asked them about volume discounts, so I am not sure where the break point occurs and when it would be more cost- effective to deploy a larger-scale thin client solution.

I can also see keeping a few of these around for individuals that suddenly need to work from home because of illness or injury. This way, you can assist HR in making special accommodations without having to have a corporate laptop or desktop to give to each person that needs to work from home.

There are more creative ways to employ the device for sure, and I am going to acquire a couple just because of their flexibility. But it certainly is a device/service that can be a valuable addition to your tool kit.

Editorial standards