Unified Endpoint Management: Security and productivity for the digital workspace

Similar documents
XenApp, XenDesktop and XenMobile Integration

Mobilize with Enterprise Security and a Productive User Experience

Augmenting security and management of. Office 365 with Citrix XenMobile

Citrix XenMobile and Windows 10

Design and deliver cloud-based apps and data for flexible, on-demand IT

White Paper Taking Windows Mobile on Any Device Taking Windows Mobile on Any Device

Maximize your investment in Microsoft Office 365 with Citrix Workspace

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

Welcome to your Citrix Endpoint Management (formerly XenMobile) User Adoption Kit

Deployment Best Practices and Guidelines to Deliver Any App to Mobile Users

Citrix ShareFile Share, store, sync, and secure data on any device, anywhere

Your Adoption Kit for Citrix Workspace Standard

RHM Presentation. Maas 360 Mobile device management

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Digital Workspace SHOWDOWN

Citrix Tech Zone Citrix Product Documentation docs.citrix.com November 13, 2018

Secure File Sharing and Real-Time Mobile Access to Business Data with Citrix ShareFile

Configuring and Delivering ServiceNow as a managed application to XenMobile Users with 3 rd Party SAML IDP (Identity Provider)

Top three reasons to deliver web apps with application virtualization

KODO for Samsung Knox Enterprise Data Protection & Secure Collaboration Platform

Best Practices to Make BYOD, CYOD and COPE Simple and Secure

Desktop virtualization for all

Addressing Today s Endpoint Security Challenges

Deploying Virtual Apps and Desktops with Citrix Provisioning using Oracle Cloud Infrastructure

Maximize your move to Microsoft in the cloud

How to buy or cancel the XenDesktop Essentials Service

Windows Server 2003 Migration with Citrix App and Desktop Delivery

MaaS360 Secure Productivity Suite

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

REVISED 6 NOVEMBER 2018 COMPONENT DESIGN: VMWARE IDENTITY MANAGER ARCHITECTURE

XenApp 7.x on Oracle Cloud Infrastructure

SECURE, CENTRALIZED, SIMPLE

Configuring and Delivering Salesforce as a managed application to XenMobile Users with 3 rd Party SAML IDP (Identity Provider)

Welcome to your Citrix User Adoption Kit

Citrix ShareFile Enterprise: a technical overview citrix.com

Azure MFA Integration with NetScaler

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

A comprehensive security solution for enhanced mobility and productivity

Citrix Education Learning Journey

Configuring and Delivering Notate for Enterprise as a managed application to XenMobile Users

Citrix Education Learning Journey

User Management Tool

MDM and beyond: Rethinking mobile security in a BYOD world

Securing Office 365 with MobileIron

XenMobile Technology Overview

Managing Devices and Corporate Data on ios

Managing Windows 8.1 Devices with XenMobile

Evolved Backup and Recovery for the Enterprise

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

Oracle PeopleSoft 9.2 with NetScaler for Global Server Load Balancing

Comprehensive Citrix HDX visibility powered by NetScaler Management and Analytics System

The Challenge. The Solution. The Modern Approach to Remote Access

Accelerate Graphics in Virtual Environments

Mobilize your corporate content and apps

Optimizing your network for the cloud-first world

Microsoft IT deploys Work Folders as an enterprise client data management solution

Data Center Consolidation for Federal Government

Simplify Application Access with Azure Active Directory

Your Adoption Kit for Citrix Workspace Premium

BRING MAC TO THE ENTERPRISE WITH A MODERN APPROACH TO MANAGEMENT

Deliver a seamless user experience for Windows apps on Chromebooks

ARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Thomas Lippert Principal Product Manager. Sophos Mobile. Spring 2017

Citrix Consulting. Guide to Consulting Methodology and Services

Five reasons to choose Citrix XenServer

Phil Schwan Technical

Crash course in Azure Active Directory

Datasheet. Only Workspaces delivers the features users want and the control that IT needs.

The Device Has Left the Building

Citrix CloudBridge Product Overview

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

SIMPLIFY MULTI-PLATFORM ENTERPRISE MOBILITY MANAGEMENT

Enterprise Product Guide

Best Practices in Securing a Multicloud World

BYOD: BRING YOUR OWN DEVICE.

Deploying. Mac. Five best practices

Citrix XenApp and XenDesktop 7.15 LTSR FIPS Sample Deployments

BlackBerry 2FA. Datasheet. BlackBerry 2FA

How to Access Protected Health Information from Anywhere and Stay Compliant

Citrix Mobile Solutions technology overview

Why is Office 365 the right choice?

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

A Guide to Closing All Potential VDI Security Gaps

Configuring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider)

ShareFile Account Admin Guide

Empower a Mobile Workforce with Secure App Delivery

Citrix is the Cloud Computing company that Enables Mobile Workstyles

Citrix XenApp and XenDesktop 7.6 LTSR FIPS Sample Deployments

The Benefits of Wireless Infrastructure Management in the Cloud

Centrify for Dropbox Deployment Guide

Citrix Workspace. Lausanne Laurent Strauss Christophe Beaugrand

Secure XenApp and XenDesktop, Embrace the Flexibility

BlackBerry UEM is a Wise Investment for ABANCA

Maintain Compliance with SWIFT Security Standards

Mobile Security using IBM Endpoint Manager Mobile Device Management

Enterprise Mobile Management (EMM) Policies

VMWARE HORIZON 7. End-User Computing Today. Horizon 7: Delivering Desktops and Applications as a Service

Transcription:

White Paper Unified Endpoint Management: Security and productivity for the digital workspace Unified Endpoint Management: Security and productivity for the digital workspace The workplace has evolved from stationary employees working on IT distributed Windows work desktops and laptops to mobile users playing and working on personal roaming laptops, tablets and smart phones. Ten years ago client management tools (CMT) such as Microsoft SCCM and LANDESK were the enterprise choice for managing scores, hundreds or thousands of IT distributed Windows systems. In an era of mobility, BYOD and the Internet of Things (IoT), however, client management tools (CMT) are not sufficient. Instead, for a growing number of IT organizations, the future lies in Unified Endpoint Management (UEM), which combines CMT with EMM (Enterprise Mobility Management) providing a single pane of glass to manage and secure, devices and operating systems, whether they are desktops, laptops, smart phones, tablets or IoT devices. Increasingly, UEM focuses on the user, rather than the individual device as the management focus. For users, UEM helps enable a single unified workspace with easy, consistent collaboration and information access from any device. According to Forrester, by 2020, 54% of organizations will have UEM solutions in place compared to 15% today. Organizations moving into a more mobile, global era should consider seriously whether a partial or total transition from separate CMT and EMM platforms to a single UEM tool such as UEM delivered via the Citrix Workspace makes sense for them. In the next few years, organizations will also need to extend unified management solutions to cover the emerging enterprise Internet of Things (IoT), including sensors, beacons and other similar devices. Luckily, UEM via a Citrix Workspace has been moving forward to encompass IoT devices as well. Why UEM via a digital workspace? There are many reasons why UEM via a Digital Workspace makes sense for a lot of organizations. Simplicity CMT and EMM tools have significantly different ways of working, and, for many organizations, require a separate set of staff and training for each. It s a no brainer that managing all devices from a single pane of glass makes more logical business sense. Not only is it less expensive to invest in a single management tool than two or three but significant operational savings can come in the form of reduced staff resources and training, allowing organizations to leverage existing staff for more strategic purposes. Consistency in management, security and usability is important for enterprise user productivity and information protection. Even small unintended differences in security and management policies among devices, applications and information can expose holes in the security infrastructure that allow hackers and malware to penetrate the organization. Consistency in mobile access to applications and information is also important for user productivity. UEM offers consistency in several ways: It s inherently easier to implement a single set of enterprise management and security policies across all devices and users with a single UEM solution than with two separate sets of tools. User helpdesk services and system troubleshooting are more consistent with a single management platform, and with operating systems, such as Windows 10, that have more consistent interfaces across different types of devices. Reporting is obviously easier and more comprehensive with a single platform, Citrix.com 1

which can be useful when planning and calculating the costs of hardware and software upgrades or refreshes. Windows 10 introduces its own consistency with a common operating system, application development tools and set of API s across desktop and mobile devices. Users can get all their devices applications from a single secure, corporate approved app store and work with enterprise applications and information both on their devices and the corporate network in a much more consistent way. Customers can manage their legacy Win 32 applications through a UEM solution delivered via a Citrix Workspace, over the entire application lifecycle (i.e. app deployment, app configuration and uninstall, if needed). Mobile Friendly Management Conceived at a time when devices were stationary, corporate distributed, and mostly connected to the enterprise LAN, CMT tools required desktops and laptops to be LAN connected and joined to an enterprise domain with a set of group policy objects for initial configuration and subsequent management to take place. A user could not typically connect, configure and upgrade his or her own device. This was the job of IT, which acted as the ultimate super user. With legacy CMT solutions, IT spends a lot of time creating one or a few sets of custom system images and pushing them over the LAN to a few, scores, or hundreds of network connected desktops and laptops, or uses an image deployment service for up to $25 per system. With such a methodology, bringing a new device on board or replacing a lost or stolen laptop with all the requisite applications are resource and time consuming processes that hamper user productivity. CMT application distribution is also IT centric, requiring complex distribution packages. By contrast, UEM API s and tools were designed from day one to support roaming, wirelessly connected mobile users on their chosen devices. Users can acquire a device with the vendor configured operating system and applications and use an enterprise UEM portal and configuration app to enroll and configure their device themselves over the air according to corporate settings and policies all with little to no IT touch or help. Users can also use a corporate app store portal to download and install IT preapproved applications. Cloud SaaS and virtual applications have become much more prevalent in the enterprise, so in many cases applications don t have to be downloaded at all. If necessary, IT can still push out applications and updates to hundreds of globally roaming devices. OS and application updates were much less frequent a few years ago, very time and resource intensive, and LAN dependent. Mobile operating systems today tend to run on a cloud service model with much smaller, more frequent updates, which makes a lot more sense for the roaming mobile user. Containerization One of the ways UEM and mobile OS API s enable BYOD and corporate owned, personally enabled (COPE) workstyles is through containerization. Using application wrapping, encryption and other similar methods, IT can separate corporate and personal applications and data on the device such that interactions among them are disabled or restricted according to enterprise security policies. Containerization accomplishes both malware protection and Data Leakage Prevention (DLP). Since enterprise and personal applications and data on the device are walled off from each other, any malware downloaded with personal applications or browsing has no impact on containerized enterprise applications and cannot be transmitted to the enterprise network when the device connects. Most UEM solutions enforce this separation as well with per app virtual private network (VPN) connections activated automatically when certain enterprise applications connect to the corporate LAN. Per app VPN s connect a single application, rather than the entire device, shutting out any malware from personal application use. Similarly, most operating system API s and UEM systems allow IT to configure and enforce a number of policies that regulate 2

users ability to cut and paste data from enterprise to personal applications, paste or attach enterprise data or files to personal email messages, and print files containing sensitive data. With Windows 10 laptops, desktops and UEM, containerization can be accomplished via digital rights management through the enforcement of Windows Information Protection encryption of all enterprise applications and data. IT can then leverage policies that prevent users from cutting and pasting encrypted content into unmanaged applications not using Windows Information Protection encryption, including personal email client software. Any data downloaded from services such as SharePoint or a shared network are also encrypted. Windows 10 delivers many other critical enterprise management features IT needs across devices. IT can push down and enforce a raft of policies and settings, enforce password and encryption, enable self-enrollment of new devices through Azure Active Directory or a third party UEM solution, manage corporate provisioned apps separately from user installed apps, distribute Windows 32 apps via.msi packages, enforce and deploy updates, and prevent access to dangerous websites, all without having to touch the device connecting it to the enterprise LAN. Any Win32 application that can t be leveraged this way can be deployed to mobile devices via desktop virtualization solutions of the Citrix Workspace. While the full breadth of management features may not equal those offered by CMT, the most critical and widely used management capabilities are offered and will continue to evolve. With OS X Lion, Apple also started giving the desktop operating system most of the same policy based, self-enrollment management API s as ios and more will come with macos Sierra. The Citrix UEM solution Citrix XenMobile is a comprehensive, integrated UEM solution to manage multiple platforms including ios, Android, Windows 10, and MacOS devices, including desktops, notebooks and Chromebooks. XenMobile as a part of the Citrix Workspace combines UEM with apps and desktop virtualization; file sync and share, secure network gateway services plus security and productivity enhancements to Office 365. Citrix mvpn helps prevent malware infected apps from accessing resources behind the firewall, provides unique Mobile Device Identifiers assigned at the app level, not just the device level to monitor, filter or block individual connections or devices. This integration provides access to not only Office productivity apps, but all other apps user s need as part of their digital workplace including legacy Windows apps, SaaS, web and mobile apps, all from a unified app store. XenMobile delivered via Citrix Workspace provides increasing support for all operating system enterprise management API s as they are introduced and adds its own unique capabilities that deliver management consistency across device operating systems. These include full FIPS 140-2 compliant AES 256-bit encryption, its own MDX containerization features on top of those offered by operating system API s and its own toolkit and SDK for wrapping individual applications with the policies and containerization strategies necessary to protect their associated sensitive information. This is important as the Citrix Workspace provides a seamless, productive experience for the user at the same time as it provides consistent, necessary protections for the enterprise. The Citrix Workspace also offers its own mobile enterprise level Secure applications, such as Citrix Secure Mail and Citrix Secure Web, across ios and Android. Citrix Secure Mail is an enterprise email client and personal information manager with a user friendly interface much like those of device native email client solutions, but with scores of additional features that enhance security and usability in an enterprise setting. With Secure Mail, all corporate email, contacts, and calendar items are stored completely separate from the personal applications on the device. Secure Mail can be accessed via single sign-on after the user logs into Secure Hub, and offers multifactor authentication, remote wipe, and encryption in transit and at rest. IT can also enforce 3

restrictions on email attachments, and printing and cutting and pasting of information from other applications into emails. Secure Mail integrates with organizations existing data leakage prevention (DLP) tools, which monitor and restrict content sent out in enterprise emails. Secure Mail also offers outstanding convenience features, such as viewing availability of meeting invitees, including online meetings and phone conference links in new meeting invitations and joining online meetings via a single touch. Secure Mail integrates tightly with Secure Web mobile app, so that all email Web links are opened in a secure, sandboxed web browser environment. Secure Mail also integrates tightly with Citrix s own ShareFile file sync and share application, which is discussed below, so that ShareFile links rather than file attachments can be embedded in emails for tighter control over content sharing. Citrix Secure Web is a secure browser alternative that IT can use to place policies and restrictions on Web browsing, particularly when connecting to the corporate network and intranet. Organizations can apply policies that govern which websites users can and cannot access, what enterprise firewall proxies are used to access them, and can analyze and filter URL s to ensure they re safe. Citrix ShareFile is an enterprise-class secure mobile file sync and share application, which provides the same or better features and convenience than consumer friendly Box and DropBox, but with enterprise-level security and management. Rather than forcing users to store all information in the cloud, organizations can leverage ShareFile Storage Zones to store shared files either on-premises behind the firewall, in the Citrix ShareFile cloud service, or in another public cloud storage service of their choice. ShareFile can store files on internal CIF based network storage systems and provides connectors for Windows network shares and Microsoft SharePoint so that files don t have to be migrated to another service in order to be shared. ShareFile also offers easyto-use full-featured drag and drop solution that novices can use to create, populate and store mobile forms-based applications running on a variety of devices. ShareFile helps organizations digitize and automate manual workflows and processes rapidly and eliminate double data entry and paperwork in the field. And perhaps most important, ShareFile leverages all the powerful security and management features of Citrix XenMobile to protect and secure enterprise data and integrates seamlessly with other XenMobile functions and productivity applications. Citrix Secure Hub is the Citrix Apps store where organizations can provide a single app store with access to Secure apps, other mobile apps (either commercial third-party or enterprise developed), Web and SaaS services, and even Windows desktops and applications based on Active Directory group policies. Podio adds a powerful, free enterprise cloud based mobile collaboration platform combining team conversations, processes and content sharing and integrates tightly with Citrix XenMobile security and management. Podio provides equivalent or better collaboration capabilities than enterprise solutions costing tens of thousands of dollars. Citrix Workspace also extends mobility management to the emerging IoT enabled workplace where context-aware environments synthesize data from many different sources to respond to the needs of the user, increasing workplace efficiency and productivity. Octoblu software can be used to create workplace automation services such as launching a personalized desktop when a user approaches a workstation; adjusting heating, cooling and lighting and starting GoToMeeting or Skype for Business meeting when staff enters a conference room; and using beacons to connect user automatically to nearby printers. The IoT possibilities are limitless. Summary With Windows 10 and macos Sierra, it s possible to deliver a single Unified Endpoint Management capability for all endpoints, devices and applications. Enterprises should examine these solutions closely to see if 4

UEM can not only simplify and slash the cost of managing, securing and simplifying the mobile workplace, but take the mobile enterprise into the era of IoT. Delivering unified endpoint management as part of the Citrix Workspace provides simpler administration to on-board, aggregate, and manage hybrid cloud services with identity management and federation across all applications. The Citrix Workspace helps IT unify endpoint management and access management, and provides performance insights. Unique to Citrix, the entire workspace has contextual security with end-to-end analytics across infrastructure, apps, networks, and devices for unparalleled monitoring. For your end-users, Citrix Workspace provides a single point of entry to the apps and data they need to be productive and collaborate on any endpoint. Only Citrix offers a complete UEM solution that includes integrated management, security, application and desktop virtualization, mobile collaboration and enterprise IoT enablement Delivering Workspace as a service enables you to do more with less by centralizing IT management, streamlining upgrades and reducing capital infrastructure. Only cloud technologies allow you the flexibility to increase and decrease infrastructure with your changing business needs. Spin up new instances when you on-board new personnel, and remove them when they leave. Delivering Citrix Workspace as a service is the fastest, simplest and most flexible way to securely deliver digital workspace technologies. Enterprise Sales North America 800-424-8749 Worldwide +1 408-790-8000 Locations Corporate Headquarters 851 Cypress Creek Road Fort Lauderdale, FL 33309, United States Silicon Valley 4988 Great America Parkway Santa Clara, CA 95054, United States 2017 Citrix Systems, Inc. All rights reserved. Citrix, the Citrix logo, and other marks appearing herein are property of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered with the U.S. Patent and Trademark Office and in other countries. All other marks are the property of their respective owner(s). 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback