SecurLock is a product that promises to provide all the data and access security you and your computer will ever need. It allows you to control who can log into your computer, who can read, edit, or execute your files and programs, and even a means to secure your e-mails. On the whole, it offers a lot of security, but that security comes at the cost of complexity.

According to SecurSoftware's Web site , "SecurLock is an all-in-one solution for securing PCs, encrypting data, managing and protecting sign on profiles. As an information security software application it has easy administrative features and management console. Securlock authenticates workstation via SecurCard, which is a smart card key, equipped with a corresponding PIN. SecurLock encrypts and decrypts files, folders and applications while still allowing an ease of exchange between these files and emails.

With SecurLock, single sign-on features users can securely manage and store profiles via a username and password combination. These profiles can be dragged and dropped to correspondent sites or Windows applications.

Additionally SecurLock supports MS Windows 2000 professional, MS Windows XP Professional and MS Windows XP home edition compliant."

That's a straight quote from the Web site overview. I found it overly dense and full of jargon, so I'll decode it for you. With SecurLock, you can encrypt files and e-mail so unauthorized persons can't read them. You can also control who is able to log into a given computer. SecurLock provides management tools to help you configure these features as well as configuring the hardware key that comes with the software. That's it - everything they said, I said, except that the product requires Windows 2000 or XP (either Home or Professional). In fact, this passage from the Web site is the only place I found what operating systems the product supports.

The SecurLock package includes a USB "iKey" security token and the software CD-ROM. Installation is not a problem, but the manual's explanation of the process doesn't really match what happens when you put in the CD. The manual doesn't mention the initial window that gives you a three-step installation process, but the on screen instructions are pretty easy to understand. More about the manual later.

During installation, you need to provide several pieces of information. You are asked for a user name and organization, which are optional, then later on you'll need to provide a passphrase, which is used to generate a unique digital signature in the iKey, and a PIN of four to eight characters. The PIN can be alphanumeric, unlike other PINs that are actually "numbers." Later, you're asked for the password you use to sign on to the computer with.

One major security feature SecurLock provides is user authentication. This gives you the option to log into your computer by inserting your iKey and entering your PIN, or using the standard "CTRL-ALT-DEL" process users of Windows NT/2000 are familiar with. You also have the capability of disabling "CTRL-ALT-DEL" login, effectively locking the operating system. While this is a very powerful and robust protective measure, the user must be very careful not to lose the iKey or forget their PIN.

I installed the software on my 2GHz Dell laptop running Windows XP Professional. Windows XP offers a friendly log on feature that lists the established users of the computer, and lets the user click on his or her name, then enter the appropriate password. After installing SecurLock, the system changed to Windows XP's optional NT/2000-style CTRL-ALT-DEL log on screen. This isn't mentioned in the documentation, but is expected, since good security practices call for the user to provide a user name, rather than providing a list for a potential intruder to pick from.

The "Single Sign On," or SSO feature allows you to store your user names and passwords for various networked and Internet-based resources. One example of this would be storing your Hotmail or Yahoo! Mail user name and password. This is a big help for anyone who has lots of sites to keep track of, and multiple user names and passwords to manage, but using it is somewhat slow. Once you get to the login page (or dialog box, as with a network resource), you have to open the floating SSO tool bar, select the category you filed this resource under, then drag the correct item onto the login data area. That's kind of clunky in my opinion.

Another feature is file locking. You can encrypt files, using either the 128 bit Blowfish algorithm or the less secure 40 bit RC4 method (which takes less time to accomplish). This prevents unauthorized individuals from viewing the contents of these files. You can lock any type of file, so be careful not to lock executable files, or your programs won't run until you unlock their files.

The heart of this system is the physical key provided with the package. This key is in the form of a Rainbow Technologies iKey, (Figure 3) a USB device that stores your user identities, passwords, etc, all in encrypted form. You use the iKey for several functions, such as the Single Sign On function, to lock files, and so on.

The user's manual, in both English and Canadian French, is in the form of a ".PDF" file (actually two-one for either language) on the installation CD-ROM. The English version is 30 pages long and well illustrated with specific screen shots of the various windows the user is presented.

The One key kit is available directly from SecureSoftware's Web site for $129.00. Additional iKey tokens are available for $79.00. (Note that any iKey 1000 token works with this software, and that these tokens are available through other vendors at lower prices.) Shipping is free to the US and Canada. They have one distributor in the US; DataVision, which is located on Fifth Avenue in New York City.

Overall, I found the SecurLock package to be a very interesting, very capable method of providing commercial-level security for both computers and data. On the other hand, I found it way beyond what a typical home user would need, or what most of us would put up with.

Most people have a hard time keeping track of a few PINs and passwords, and often have problems with remembering their user names. While SSO and the iKey help with that, it's usually more efficient for the home user to simply have a small list of user names and passwords on the computer desk (or locked up when not in use) to refer to as needed. I have a password-protected list of these items on my PDA, so I really only need to remember one password, and the process of finding the information and entering it from the PDA is smoother for me than SSO is.

I am very much a computer security advocate, and SecurLock is most definitely a welcome addition to the professional computer security arsenal; it lets you lock a laptop, for example, so that a thief can't use it without the iKey AND correct PIN, and it lets users secure sensitive data simply and seamlessly. On the other hand, this is just as definitely not a home computer product, as it is not only far more robust and capable than most home users need, it is very complicated and involved to install, configure and manage. Buy this product to protect your sensitive business data and traveling computers, but not to protect your home computer.