The Yarkon Advantage

The following refers to the Yarkon editions that have a server side component: Cloud, Hosted and Enterprise editions of Yarkon.

Native HTML5 User Experience

Yarkon is an HTML component, implemented explicitly using standard web technologies.

Runs in a Browser

It seems that no matter what you do, the one application that is always opened on your desktop is a browser. Yarkon runs in a tab, no need to open yet another window for yet another application.

And any ny major browser is supported: Chrome, Firefox, IE and Edge, Safari and Opera. The application looks and behaves the same.

Works on any Device

Even on a Mac :-)

Seriously, it works on any device that runs a browser. Basically, this means all of them. A PC and a Mac. Windows, IOS and Ubuntu. iPad, iPhone, Android and even Kindle.

Nothing to Install, nothing to upgrade, patch or Update

All users in your organization always use the same version of the software. You don’t need to push any software updates to users and no need to allow users to install software updates on their corporate PCs. The software is always current. It does not require anything on your PC, so no more urgent Java updates or critical .NET hot fixes.

Higher level of security

You cannot prevent users from clicking on links, but because Yarkon is a web application running in a web browser, it cannot access any local resources on the host computer, such as the file system or your address book. The application itself cannot be infected by a virus or damage the host.

API Keys Management

Never Share with End Users

With Yarkon, you never have to share your AWS access keys with the end users; users use their email and password to login. Many alternative solutions will require you to either have one set of credentials to share with your users, or, if you want to assign different permissions to different users, create a new set for every one of them and figure out a secure way to communicate the keys to the users. Either way, it is cumbersome and not secure. Because Yarkon does not require sharing AWS keys with users, you never have to update all users when someone leaves.

Only Key to rule them all

Because Yarkon is tightly integrated with AWS IAM, you don’t need a different sets of credentials for different users. Use this guide to set up your organization following the best practices published by AWS. Then set up Yarkon for Integrated Security and your security and permission settings will be enforced by Yarkon.

Easy Management and Rotation

Suppose your keys do get compromised somehow. With Yarkon, all you need to do is log in to the Yarkon Admin Console and change the keys. If you are using the Enterprise Edition, you can simply use the AWS console, go to IAM, and change the keys associated with the role of the EC2 instance that runs Yarkon.

Tight Integration with AWS IAM

One place to manage user permissions

Using AWS IAM to manage S3 user permissions? then you definitely don’t want to manage permissions in any additional place. Yarkon is tightly integrated with AWS IAM, so once you get the organizational structure defined in IAM, there is nothing more to do for Yarkon to use it.

Trusted AWS security

The only way to be as secure as AWS, is to use AWS security. Yarkon, when set up to use the Integrated Security Model, is using AWS IAM defined policies, at the group, user and inline levels. Set users S3 permissions in IAM, and Yarkon will enforce these permissions in the user interface. Only short-lived temporary keys are used for access, and these keys are generated based on the IAM defined access permissions.

Central User Management

The Yarkon Admin Console, the server component of Yarkon, is a central location for user management.

Add/Enable/Disable

Use the Admin Console for anything user related. You can add (even in bulk), enable/disable and remove users as needed. And when it is needed, you can revoke a user’s permissions instantly.

Lock after Failed Attempts

Yarkon will prevent a brute force attempt to guess a user’s password. Fail for three times, and your account will get locked for 24 hours. The administrator can always unlock a user, when it is determined that it was just an honest mistake.

Check user access

Sometimes, things get complicated. When you have many users, many groups, many buckets and many roles, it is sometimes hard to tell who has access to what. Yarkon Admin Console provides a handy tool that can help you see immediately which buckets a user using Yarkon would see.

Self Hosted Option

Sometimes, you cannot share your AWS keys with anyone or anything, not even a secure cloud service such as Yarkon. For that, we have the Enterprise Edition. Run it inside your VPC, on your EC2, after installing it from an AMI. The AMI is completely stand alone, it need not have access to anything other than few AWS services. You do not need to install your AWS keys on the server. Just create the IAM Role and run the AMI under that role. So even if your VPC is somehow compromised, and the hacker somehow gains SSH access to the server running Yarkon, they still cannot get your keys. For more, see this document.

SDK Available

What if you want to change the look and feel, use Yarkon as a component of your larger web based solution, or piggy back on your own authentication and authorization logic? For that, we offer the SDK Edition. Being that Yarkon is a web component, it can be seamlessly incorporated in another web application, using basic CSS rules to control the look and feel, and integrating the authentication with the host using JavaScript code. For more, see the SDK documentation.