Your region   

Trusted Client – Bootable USB for Secure Remote Access

 

Secure remote access with bootable USB that you can trust from a PC you can’t 

Trusted Client is Becrypt’s innovative answer to the IT Manager’s dilemma: how to provide secure remote access at a low cost. Trusted Client is a bootable USB solution that transforms an unmanaged PC, such as a home PC, into a secure remote access point.

"Beautifully implemented, this is a product as sophisticated as it is simple" - Techworld

By providing cost effective and highly secure access for mobile workers, Trusted Client significantly reduces the risk of data loss and data leakage and helps protect the network. Trusted Client is an invaluable tool that supports and enforces a comprehensive Information Assurance strategy.

Trusted Client Overview
Trusted Client is a self contained encrypted bootable USB solution that typically resides on a USB flash drive, and allows employees to work securely from an unmanaged internet connected PC. It addresses the risks inherent in using an unmanaged PC, which cannot be trusted, to connect to an organization’s secure network and data.

Inserting the Trusted Client device into a USB port and re-booting launches a secure isolated environment, which provides a user interface, a web browser, email access and standalone applications. Trusted Client is fully configurable to each organization’s individual requirements. With Trusted Client, staff no longer need laptops for home or occasional remote working; instead they can be issued an inexpensive bootable USB flash drive, which is secure, and easier to carry.

Besides remote working, home working, and occasional off-site working from unmanaged PCs, Trusted Client can also be used in Business Continuity scenarios, either as a secure remote access device, or as a standalone secure environment should the corporate network fail.

Trusted Client uses the FIPS approved Becrypt cryptographic algorithm and has been awarded a Common Criteria certificate.

How is it different?
Trusted Client’s innovative use of technology creates a secure environment on the host PC: it does not use the host hard drive and operating system. This has two key benefits; first, any malware on the host PC cannot infect the network; secondly, corporate data cannot leak onto the host PC.

Any data that is saved to Trusted Client is protected by encryption; alternatively, Trusted Client can be configured as a read-only device, and all user data is erased on shutdown. Trusted Client devices can remotely be rendered unusable (or ‘killed’).

 

  • Features / Benefits

    Features: Benefits:
    Secure remote network access enables users to work safely from any unmanaged PC                  

    Flexible and mobile working capabilities to provide better service to customers, and better work/life balance for users.
    Working enviroment is totally isolated from the host machine Absolutely no transference of data significantly reduces the risk of data loss or data leakage
    Encrypted operating system and encrypted data storage - data saved to Trusted Client is automatically encrypted Device and any data saved is securely protected from unauthorized access
    Strong authentication combined with 256 bit AES encryption Government grade security options make Trusted Client suitable for protecting virtually all commercial information
    Based on Open Source software and loaded on an off-the-shelf USB flash drive Extremely cost effective solution with low hardware costs (particularly when compared with alternatives like laptops or PDAs), and no additional license fees for the operating system
    Out-of-the Box integration with standard browsers, Citrix and Microsoft Terminal Services Familiar look and feel for users reduces training overheads and rapid start up time giving fast access and boosting user acceptance
    Fully configurable with easy inclusion of additional plug-in applications Highly configurable to meet the business requirements of each individual organisation
    Central Management facilities for device deployment and repudiation Low operational overhead and the ability to ‘kill’ a Trusted Client device remotely should the user’s rights be revoked

     

  • How it works


    Trusted Client has been designed with a modular approach to enable third party components to be built-in to the environment. It may be configured to include only pre-specified applications, and to restrict the user to approved IP destinations, ports, and protocols, such as the corporate intranet, virtual private network (VPN) or specific hosts. Once the configuration of Trusted Client has been decided, a single install file is created allowing an organization to quickly and securely build devices that are unique to their needs.

    Next the Trusted Client device is built, this can be done by the end-user themselves, or by an administrator or other central function. All that is required is a standard 1GB or greater USB memory stick, and the configuration of Trusted Client specific for your organization, which may be held in a central secured zone for access by staff. To create the device, the end user or administrator sets up an initial username and password and inserts the USB memory stick. The Becrypt software then generates a unique 256bit AES encryption key and uses this to encrypt the device and copy the relevant files, producing the Trusted Client.

    The end-user can then use Trusted Client from an internet connected PC. They boot from the USB device, an authentication screen will be displayed, asking for username and password or smartcard PIN. After successful authentication, the device automatically decrypts and the device operating system is loaded creating a secure environment on the host machine. Trusted Client utilizes standard browsers, Citrix and Microsoft Terminal Services, giving users a familiar user interface and offering easy integration with existing systems. The Trusted Client operating system has no access to the internal drives of the machine, allowing the user to work safely regardless of the malicious software that may be present on the host. This feature also prevents any data from being leaked outside of the Trusted Client environment. If authentication fails, the device cannot be booted and it cannot be accessed as the whole device is encrypted.

    Trusted Client is quick to boot up and the encryption is completely transparent to the end user. The strong user authentication features include an embedded strong password generator, and the device can be configured to work with additional tokens, providing secondary authentication of any user. Should a password be forgotten, secure device recovery through a challenge/response processes is possible, ensuring that the original password is never compromised. Having completed their work session, the user simply shuts down the host PC and removes the Trusted Client USB device, no trace of the session is left on the host PC.