The Yarkon Advantage
Native HTML5 User Experience
Yarkon is an HTML component, implemented explicitly using standard web technologies.
Runs in a Browser
It seems that no matter what you do, the one application that is always opened on your desktop is a browser. Yarkon runs in a tab, no need to open yet another window for yet another application.
Any major browser is supported, running on any device: Chrome, Firefox, IE and Edge, Safari and Opera. The application looks and behaves the same.
Works on any Device
Even on a Mac :-)
Seriously, it works on any device that runs a browser. Basically, this means all of them. A PC and a Mac. Windows, IOS and Ubuntu. iPad, iPhone, Android and even Kindle.
Nothing to Install, nothing to upgrade, patch or Update
All users in your organization always use the same version of the software. You don’t need to push any software updates to users and no need to allow users to install software updates on their corporate PCs. The software is always current. It does not require anything on your PC, so no more urgent Java updates or critical .NET hot fixes.
Higher level of security
You cannot prevent users from clicking on links, but because Yarkon is a web application running in a web browser, it cannot access any local resources on the host computer, such as the file system or your address book. The application itself cannot be infected by a virus or damage the host.
API Keys Management
Never Share with End Users
With Yarkon, you never have to share your AWS access keys with the end users; users use their email and password to login. Many alternative solutions will require you to either have one set of credentials to share with your users, or, if you want to assign different permissions to different users, create a new set for every one of them and figure out a secure way to communicate the keys to the users. Either way, it is cumbersome and not secure. Because Yarkon does not require sharing AWS keys with users, you never have to update all users when someone leaves.
One Key to rule them all
Because Yarkon is tightly integrated with AWS IAM, you don’t need a different sets of credentials for different users. Use this guide to set up your organization following the best practices published by AWS. Then set up Yarkon for Integrated Security and your security and permission settings will be enforced by Yarkon.
Easy Management and Key Rotation
Suppose your keys do get compromised somehow. With Yarkon, all you need to do is log in to the Yarkon Admin Console and change the keys. If you are using the Enterprise Edition, you can simply use the AWS console, go to IAM, and change the keys associated with the role of the EC2 instance that runs Yarkon.
Tight Integration with AWS IAM
One place to manage user permissions
Using AWS IAM to manage S3 user permissions? then you definitely don’t want to manage permissions in any additional place. Yarkon is tightly integrated with AWS IAM, so once you get the organizational structure defined in IAM, there is nothing more to do for Yarkon to use it.
Trusted AWS security
The only way to be as secure as AWS, is to use AWS security. Yarkon, when set up to use the Integrated Security Model, is using AWS IAM defined policies, at the group, user and inline levels. Set users S3 permissions in IAM, and Yarkon will enforce these permissions in the user interface. Only short-lived temporary keys are used for access, and these keys are generated based on the IAM defined access permissions.
Central User Management
The Yarkon Admin Console, the server component of Yarkon, is a central location for user management.
Use the Admin Console for anything user related. You can add (even in bulk), enable/disable and remove users as needed. And when it is needed, you can revoke a user’s permissions instantly.
Lock after Failed Attempts
Yarkon will prevent a brute force attempt to guess a user’s password. Fail for three times, and your account will get locked for 24 hours. The administrator can always unlock a user, when it is determined that it was just an honest mistake.
Check user access
Sometimes, things get complicated. When you have many users, many groups, many buckets and many roles, it is sometimes hard to tell who has access to what. Yarkon Admin Console provides a handy tool that can help you see immediately which buckets a user using Yarkon would see.
Self Hosted Option
Sometimes, you cannot share your AWS keys with anyone or anything, not even a secure cloud service such as Yarkon. For that, we have the Enterprise Edition. Run it inside your VPC, on your EC2, after installing it from an AMI. The AMI is completely stand alone, it need not have access to anything other than few AWS services. You do not need to enter your AWS keys in Yarkon. Just use the one-click set up available from the AWS MarketPlace, and the instance role will be created automatically. So even if your VPC is somehow compromised, and the hacker somehow gains SSH access to the server running Yarkon, they still cannot get your keys.