IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

When the physical and virtual worlds meet: How to manage USB software in the cloud

Why you should manage USB software licenses in a cloud environment

Man walking up staircase to the sky

Over the last decade, there has been a significant shift to the cloud and using software-as-a-service. However, dongles are still very popular among software companies as a means of protection for intellectual property and high-value software. But can you use USB dongles with cloud software to protect your data, and if so, what's the best way to go about it?

A physical dongle is one of the most secure ways software vendors can protect their products from piracy and misuse. However, the biggest problem for cloud-based applications is that because the infrastructure is virtual, there is no physical port in which to plug in a USB dongle.

In the early days of virtual machines, USB support was patchy at best - or missing altogether. These days many virtual environments support USB, but the next problem is the safekeeping and management of such USB dongles, as well as being able to easily access them.

One solution is to deploy a USB dongle server. These have been used in the past to provide a USB port for a network, allowing a computer to span beyond the local network to the internet.

Protecting high-value software-as-a-service

British Columbia startup ESP Estimating offers its clients, electrical contractors, a cloud-based custom estimating database for a monthly subscription. This solution also uses a third-party software platform called Accubid. This is specialised installed software, costing over $4,000 per license, and is meant to be run on a single PC or a networked server. The software usually checks with a physical dongle inserted in the PC or server at each electrical contractor's location. To run Accubid, the estimator is required to work from a physical PC with the USB license plugged into it on the local network.

But ESP uses the cloud and virtual machines to deliver its software to the client, and these VMs don't have USB ports. Sentinel dongles, supplied by Gemalto, would not work with pooled, session-based remote desktops; they require a one-to-one, PC-to-dongle connection.

ESP solved the issue by using SEH Technologys myUTN-800 dongle server and user-dedicated virtual PCs. This enabled administrators to assign a USB port to each virtual machine, using SEHs own interface.

Each virtual machine then makes the connection to the dongle server and presents the license to the Accubid software for verified access. Each of ESP's clients sees only their own specific Accubid licenses that have been purchased, providing a completely secure isolated environment for each contractor.

The solution gives end users access to all purchased Accubid licenses across a geographically distributed and mobile workforce, including owners, estimators, and project managers. Once used, the dongles can be freed up for a new user. Customers benefit as the dongle server ensures that software licenses are never circumvented.

In addition, by storing the dongles securely and centrally in the locked dongle server, they are safe from loss, damage, wear and tear, and theft.

Helping cloud providers offer more security

The use of a USB dongle server can help cloud hosting providers overcome the problem of hosting services for licensed software that's protected by USB hardware keys or dongles.

Virtual server environments are not well equipped for handling USB devices, and it can be next to impossible to provision USB dongles with virtual servers and assign them to a specific customer's virtual machine.

For German cloud provider Terra Cloud, in order to fulfil its customers security demands, it found the need to host dongles in virtual environments indispensable.

The problem was that the cloud provider has no reliable way to connect dongles to virtual servers and assign exactly the right virtual machine to a customer. This was problematic for customers using a German accountancy package called Datev. These customers would outsource their data processing to hosted external servers, but still had to fall back on a physical server.

Using a physical server can be much more expensive than a virtual one, and for many companies this makes things economically unattractive. Instead, Terra Cloud looked to use a dongle server that could be used with virtual servers.

The hosting provider's administrators can use the myUTN-800 Dongle Server to provide up to 20 protected software licenses centrally and securely across a network via 20 USB 2.0 Hi-Speed ports. 

Using USB dongles in the cloud

Using a dongle server allows users to be independent of USB interfaces in virtualised environments with Citrix XEN, VMware, and Microsoft Hyper V. This means that such dongles can always be safely and easily accessed across the network and the internet. It acts as a virtual cable extension via the network, meaning these dongles can be used as if they were locally connected. It also enables several users to access a USB device via the network, just as if it were locally attached. A user who no longer needs the device can simply release it so another person can use it.

For cloud providers, the dongle server can create a management VLAN, and also support several other VLANs with the option that every VLAN can use the same IP range. The direct assignment of a USB ports to VLANs enables operation in a multi-tenant facility.

The dongle server provides safe and simple dongle management in virtualised environments, making external hosting via data centres financially attractive for customers. Such solutions can scale up as and when for new customers with similar needs.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

The top 12 password-cracking techniques used by hackers

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
cyber crime

Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation

25 Nov 2022