With a surprisingly large number of software vendors choosing to protect licensing with physical authentication dongles, Joachim Sturmhoefel looks at how organizations can bridge the gap between new agile cloud systems and the necessary hardware to maintain business as usual.
In an IT world that is becoming increasingly software-defined as a way to bring enterprise flexibility, it is hard to believe that traditional software vendors are among those championing hardware solutions. However, from accountancy to utilities and law enforcement, many companies around the world depend on bespoke, high-value applications that are tightly controlled with user authentication that happens on a physical rather than a virtual level. This has been the case for many years and isn’t going to change any time soon, which was fine when employees all worked under the same roof – but this is no longer the case.
With an increasingly disparate workforce, high-value but essential software that requires hardware authentication poses a problem. As a result, enterprises need to bridge the gap between the two and enable the benefits of cloud tech for businesses which use hardware authenticated software that’s at their heart of their business operations.
How is high-value software protected?
Physical dongles (such as plug-in USB authentication devices) have long been a necessity for these types of applications. Publishers of high-value software, such as forensic investigation technology or financial applications, rely on hardware-based protection mechanisms because it’s the most secure way to prevent piracy or misuse. It’s important for the end-user too.
State police or defence bodies, for example, need to know which employees are running forensic software and where it was accessed. This is where dongles come into play as an ideal way of controlling usage.
When the high-end software is started, the dongle must be plugged in or the software will not function. This hardware level of software authentication has been achieved via USB technology in the past decade, and it’s easy to see why. After all, it is easy to connect and widely used, which makes a USB dongle an ideal protection mechanism. In theory, at least.
The challenges this creates in today’s enterprise environment
Changing businesses models have altered the challenges businesses face. Using a USB dongle is not always practical. For example, with disparate teams often needing to travel, it’s rather common for the end-user of technology like this to be in one city while the dongle they need is in another.
Whether remote working, or operating from the office of a client, having to carry a physical dongle can be problematic. Equally, even if employees are physically in the office, if two or more need to share access to the same high-value application, the dongle must be physically transferred from one person to another before the supported software can be used.
A much bigger problem to overcome, though, is that many enterprises run thin clients for their users with software and services managed by a data centre or remote server. Here, because the core infrastructure is virtual, there is no physical port to plug a USB device into. Even if there are physical USB ports, a virtual server in a data centre / center is most likely set up as a high availability (HA) system. With this set up, a virtual server switches between different physical servers automatically to ensure it meets the processing requirements. However, any directly connected USB devices won't make the switch to the other hardware, resulting in software downtime due to problems with authentication. Here a dongle server provides a useful fix as it maintains a consistent USB connection regardless of the underlying physical servers being used.
Fortunately, the benefits of modern cloud technology are not lost in a situation like this – and it is why enterprises have turned to hardware vendors to help address the problem.
Getting around the problem
The concept of a dongle server has become vital to how enterprises manage software that’s protected by physical hardware. It can overcome these issues since USB dongles can be made available over the network, working in much the same way as if they’d been connected directly to the user’s computer. This bridges the gap between cloud technology and physical software protection. Essentially, dongle servers act as a virtual cable extension via the network.
In turn, this approach allows terminals to meet the required authentication requirements so that the specialist software can be run on them. The licensing terms are not circumvented in any way either, so it’s also become an important tool for IT managers as they bridge the gap between user experience or convenience requirements and the need to simplify the management and availability of software and applications on the network.
Businesses are able to streamline business processes and ensure more efficient use of resources through dongle pooling. This enables employees to request access to the software as soon as a license becomes available. Once the software has been used by that individual, the dongle can be virtually reallocated to the next in line, minimising downtime.
There are other benefits associated with an approach like this. By storing dongles securely and centrally in a locked dongle server that is connected to the network they are kept safe from theft and damage. It also eliminates the problem of users sharing dongles, which invariably results in loss at some point – sourcing replacement dongles, lost revenues and wasted time are no longer an issue
Dongle servers also meet the requirements of companies or organizations with high security needs. By encrypting the point-to-point connection between the end-user and the dongle server, the potential for unauthorised access is removed. More advanced dongle server vendors also make it possible to dynamically assign which user is authorised to access which dongle, ultimately controlling which computer is able to access the software.
The cloud has become a fundamental part of many businesses, from start-ups to established multinationals, yet the benefits it offers are not without drawbacks. While some compromises are worth the benefits, they are out of the question when it comes to business-critical software. Organizations need to be able to bridge the gap between physical hardware protection and a software-defined world and advanced dongle server technology is key to offering an effective workaround that doesn’t sacrifice business functionality.
Joachim Sturmhoefel is managing director at SEH Technology.