SlideShare a Scribd company logo

How to Secure App & Data Deliver Across Devices, Networks and Locations

Citrix
Citrix

This white paper examines how Citrix XenApp and Citrix XenDesktop dramatically reduce the effort required to protect mission-critical information, while giving users fast, simple remote access that enhances business productivity.

Technology
1 of 7
Download to read offline
White Paper citrix.com Secure app and data delivery—across devices, networks and locations How XenApp dramatically simplifies data protection, access control and other critical security tasks.
White Paper citrix.com 2 Secure app and data delivery—across devices, networks and locations Most discussions of application and desktop virtualization focus on cost reduction, simplifying IT operations, and increasing convenience for employees. These factors are extremely important, but IT professionals should not overlook the immense impact of workspace virtualization on information security. In fact, application and desktop virtualization have profound advantages for key security functions such as data protection, access control, user provisioning and compliance. They can also give administrators extremely granular control over how employees, contractors and business partners use and share application data. This white paper examines how Citrix® XenApp® can dramatically reduce the effort required to protect mission-critical information, while giving users fast, simple, flexible remote access that enhances business productivity. Growing IT security challenges Corporate IT groups are continuously challenged to support critical new business initiatives and improve end user computing experiences, while facing limited budgets and mounting pressures to improve information security. Many of these challenges involve making computing resources easier to utilize, regardless of physical and geographical boundaries. Employees are demanding the following: • Work anywhere, with a consistent experience, from PCs, laptops, tablets and smartphones. • Utilize personal devices within a corporate environment through bring your own device (BYOD) programs. • Freedom from rigid IT security controls that restrict performance and inhibit productivity. • Access to corporate data and self-provision applications on-demand. At the same time, today’s headlines announce data breaches and IT news websites feature stories about cyber criminals and hackers spreading zero-day attacks, new types of malware, and stealthy planning targeted attacks. Fundamental changes in the way people work and waves of new consumer technologies are shattering the old methods of balancing employee productivity and IT security. IT admins are facing powerful workplace trends that disrupt routine protocols and processes for protecting corporate information: • Since 2014, each knowledge worker is expected to have an average of 3 devices connected in the workplace.
White Paper citrix.com 3 Secure app and data delivery—across devices, networks and locations • Employees are supplying their own personal endpoint devices, making it difficult or impossible to mandate and enforce corporate security standards. • IT must provide access to employees, contractors and business partners, from remote offices, home offices, hotel rooms and even kiosks, across the globe. Rethink security Clearly these trends are not sustainable with current approaches to security and remote access. How can IT groups provide easier access to resources, in the face of more sophisticated threats, with multiplying endpoints to defend? And the challenges are not just related to the quantity of end points, but to the increasing diversity. Each type of device—PC, laptop, tablet and smartphone—requires different security products, protecting against different threats, and applying different access policies. The remedy is not adding yet another layer of security products that require more management. Instead, it is to change the game by moving to a computing model that is inherently secure, with an architecture that dramatically simplifies fundamental security functions such as data protection, access control, provisioning and secure remote access. XenApp XenApp is an application delivery solution that enables any Windows® , Linux, Web or SaaS application to be virtualized, centralized and managed in the datacenter and instantly delivered as a service to users anywhere on any device. With XenApp, applications execute in the data center and are securely accessed from any location. Keeping applications and data protected within the hardened data center and hosted in the same location as the back-end databases further enhances application performance even when accessed from distant locations. The application access and performance benefits of XenApp are numerous, but many times the security advantages of a centralized application deployment model are overlooked. XenApp provides an inherently secure architecture that dramatically reduces the quantity of data exposed outside of the data center without configuring extensive security features or add-on security products. The fundamental design of XenApp is to keep all apps, data, and information secured in the data center and only send screen update, mouse click and keystroke commands across the network to the user’s endpoint device. XenApp keeps sensitive corporate information protected in the data center, but employees still need secure access to the XenApp infrastructure. Applications published using XenApp are accessible through Citrix Receiver™ —a lightweight client that can be installed on any type of device, including iOS, Mac® , Android® , Windows and more. Citrix Receiver makes it easy for IT administrators to securely enable application access from any type of personal or corporate-owned device while ensuring that IT security procedures and processes are enforced. Citrix Receiver is in constant communication with the XenApp infrastructure, making it easy to identify the optimal application delivery method for any user based on device features, available network connection, and specific application-related tasks. Users in any location can download Citrix Receiver and securely access XenApp published applications making it easy for IT to meet the employee demands without compromising security standards.
White Paper citrix.com 4 Secure app and data delivery—across devices, networks and locations NetScaler Gateway XenApp deployments can be further enhanced with NetScaler Gateway™ . NetScaler Gateway is a secure application, desktop and data access solution that provides granular application and device-level policies and action- controls. NetScaler Gateway secures remote access to XenApp infrastructure and provides users with a secure, single point of access to published applications and desktops from any type of device. NetScaler Gateway ensures secure remote access by using secure Citrix ICA® proxy technology to encrypt data without the need to establish a full VPN tunnel from remote devices. NetScaler Gateway leverages HDX SmartAccess™ technology to give IT managers a single point of management for controlling access and limiting actions allowed to users. With HDX SmartAccess, IT administrators can strike the right balance between security and end user convenience in every situation. They do this by defining a precise set of policies based on users, devices and locations. For example, administrators might want to create policies so that one group of users can access a wide range of applications and data while on the LAN, a subset of those resources while on a tablet at home, and a smaller subset from a smartphone connected through a public network. Another, less trusted group could be restricted to a small subset of resources under all conditions. Administrators can go even further by restricting the ability of users in insecure environments to copy, email or print data, or to save confidential files to removable media. They could limit users on public kiosks to viewing data and nothing else. Further, access can be limited based on the security posture of the endpoint. HDX SmartAccess includes endpoint analysis software that can scan remote computers and determine if security tools like anti-virus software, client firewalls and hard drive encryption utilities are present, running, and up-to-date. If these requirements are not met, the user can be restricted to a limited set of applications and data, or redirected to a remediation site where the security deficiencies can be remedied. These policies can be applied dynamically as users move between different devices, applications and locations. Administrators can enforce compliance with rules that govern privacy and the secure storage of data. This is critical for enterprises that are affected by regulations such as those in some European countries that require data about its residents be stored within the country’s borders. With HDX SmartAccess, an organization could not only prove that the data resides in a virtual environment located in the country, it could also create policies so that nobody located outside of the country, or using a mobile device, could access that data. Reduce security complexity The architecture and core features of XenApp with NetScaler Gateway make security far more reliable and easier to manage. By opting for a solution that is inherently secure, some of the most vexing challenges of protecting data on endpoints simply disappear or are dramatically reduced in complexity. Data protection Sensitive data can be centralized in the data center and protected by a complete set of network and host security products such as next-generation firewalls (NGFWs), intrusion protection
White Paper citrix.com 5 Secure app and data delivery—across devices, networks and locations systems (IPSs), and host anti-malware and anti-spyware tools. These defenses are generally much more powerful and effective than the local firewall and anti-virus products deployed on endpoints, and are far easier to update. With XenApp, data is never transferred over the network, and if policies are enabled to allow data transfer, that data is encrypted. Keeping intellectual property and sensitive information protected from eavesdropping, man-in-the-middle attacks, and other threats to “data in motion.” Application and desktop virtualization with XenApp also simplifies the operational aspects of data protection. Databases and files in a central location are far easier to monitor and back up than those residing on distributed devices. Employees are easily protected from data loss due to hardware and software failures, accidents and human errors. Data can be recovered faster in the event of a major outage or disaster. Access control Controlling access to applications and data residing on endpoints is extremely challenging, especially since the tools available to manage those local controls vary widely across different types of laptops, tablets and smartphones. Further complicating the picture is the fact that most organizations have multiple access points and authentication procedures to support different use scenarios. Three different gateways and three different authentication procedures might be needed to handle one employee connecting from a PC in the office, a second employee connecting over the Internet from a tablet at home, and a contractor connecting from a smartphone at the airport. With XenApp, administrators can use one set of tools to create and enforce a single set of access control policies for all users, regardless of their locations and the devices they are using. They could also add multi-factor authentication to any Windows or legacy application, including tokens, smartcards, RADIUS, Kerberos and biometrics. These same access controls and authentication methods can be used to manage access to all resources delivered by XenApp while providing a self-service, enterprise app store that gives users fast, on-demand access to Windows applications and application updates. By providing an enterprise app store, IT can provide consumer-type flexibility to users and free up operations and support staffs from providing applications to individual employees. It also enhances security by giving users convenient access to corporate-approved and tested applications, so they don’t potentially download infected apps from dubious app stores and compromised sites on the web. Provisioning and de-provisioning Provisioning and de-provisioning employees can be a burdensome activity for IT administrators. It is particularly challenging to cut off application and data access when employees, contractors and others are terminated. War stories abound of contractors retaining application access months after their work is complete, and of fired employees walking off with customer lists and intellectual property.
White Paper citrix.com 6 Secure app and data delivery—across devices, networks and locations With XenApp, new users can be provided with access to applications with a few clicks, and access to applications and data can be revoked in seconds from terminated employees and contractors. If terminated employees are using their own laptops or mobile devices, sensitive data is stored out of reach in the data center, not on their equipment. Incident response and disaster recovery Incident response and disaster recovery are also inherently simpler with application and desktop virtualization. Centralized data is easier to monitor and analyze than data spread around distributed systems. Vulnerabilities can be patched or remediated in a central location, instead of across hundreds of remote PCs and devices. For disaster recovery, administrators can set up a “two data center” configuration where applications and data are mirrored between two sites. If one site goes down, users can quickly be switched to the other with no loss of data or productivity. If laptops and other devices are destroyed or unreachable in a disaster, employees can access their applications and data from other devices in safe locations. Compliance XenApp can simplify audits and regulatory compliance. Investigators can use a complete, centralized audit trail to determine who accessed what applications and data. There is no need to collect extensive logs from remote devices. Conclusion This paper outlines how XenApp solutions from Citrix give users more power and flexibility to securely access applications and data anywhere, using any device. It also explains some of the ways application and desktop virtualization can simplify difficult and time-consuming IT security tasks related to: • Data protection • Access control • Policy enforcement • Provisioning and de-provisioning • Incident response and disaster recovery • Compliance • Secure, efficient remote access XenApp solutions reduce the work needed to provide better security. Security improvements are inherent in a virtualized architecture and a centralized application and desktop delivery model. That means that organization can enjoy the benefits of simpler and more reliable security, without having to implement and manage complex new security tools.
0316/PDF Corporate Headquarters Fort Lauderdale, FL, USA Silicon Valley Headquarters Santa Clara, CA, USA EMEA Headquarters Schaffhausen, Switzerland India Development Center Bangalore, India Online Division Headquarters Santa Barbara, CA, USA Pacific Headquarters Hong Kong, China Latin America Headquarters Coral Gables, FL, USA UK Development Center Chalfont, United Kingdom About Citrix Citrix (NASDAQ:CTXS) is leading the transition to software-defining the workplace, uniting virtualization, mobility management, networking and SaaS solutions to enable new ways for businesses and people to work better. Citrix solutions power business mobility through secure, mobile workspaces that provide people with instant access to apps, desktops, data and communications on any device, over any network and cloud. With annual revenue in 2015 of $3.28 billion, Citrix solutions are in use at more than 400,000 organizations and by over 100 million users globally. Learn more at www.citrix.com. Copyright © 2016 Citrix Systems, Inc. All rights reserved. Citrix, XenApp, Receiver, NetScaler Gateway, ICA and HDX Smart Access are trademarks of Citrix Systems, Inc. and/or one of its subsidiaries, and may be registered in the U.S. and other countries. Other product and company names mentioned herein may be trademarks of their respective companies. White Paper citrix.com 7 Secure app and data delivery—across devices, networks and locations Additional Resources App Virtualization Solutions Compare XenApp vs. VMware Horizon

Recommended

Security, Privacy & Convenience – key drivers for mobile adoption from a cons...
Security, Privacy & Convenience – key drivers for mobile adoption from a cons...Security, Privacy & Convenience – key drivers for mobile adoption from a cons...
Security, Privacy & Convenience – key drivers for mobile adoption from a cons...
Subho Halder
 
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
IBM Security
 
5 Steps for End-to-End Mobile Security with Consumer Apps
5 Steps for End-to-End Mobile Security with Consumer Apps5 Steps for End-to-End Mobile Security with Consumer Apps
5 Steps for End-to-End Mobile Security with Consumer Apps
CA API Management
 
Three Keys to Building a Secure Mobile Infrastructure in Government Environments
Three Keys to Building a Secure Mobile Infrastructure in Government EnvironmentsThree Keys to Building a Secure Mobile Infrastructure in Government Environments
Three Keys to Building a Secure Mobile Infrastructure in Government Environments
VMware
 
Mobile App Security: How Secure is your Mobile App
Mobile App Security: How Secure is your Mobile AppMobile App Security: How Secure is your Mobile App
Mobile App Security: How Secure is your Mobile App
Doug Sillars
 
Building The Digital Workplace
Building The Digital WorkplaceBuilding The Digital Workplace
Building The Digital Workplace
Citrix
 
Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Citrix
 
XenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment GuideXenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment Guide
Citrix
 

Recommended

Security, Privacy & Convenience – key drivers for mobile adoption from a cons...
Security, Privacy & Convenience – key drivers for mobile adoption from a cons...Security, Privacy & Convenience – key drivers for mobile adoption from a cons...
Security, Privacy & Convenience – key drivers for mobile adoption from a cons...
Subho Halder
 
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
Surviving the Mobile Phenomenon: Securing Mobile Access with Risk-Based Authe...
IBM Security
 
5 Steps for End-to-End Mobile Security with Consumer Apps
5 Steps for End-to-End Mobile Security with Consumer Apps5 Steps for End-to-End Mobile Security with Consumer Apps
5 Steps for End-to-End Mobile Security with Consumer Apps
CA API Management
 
Three Keys to Building a Secure Mobile Infrastructure in Government Environments
Three Keys to Building a Secure Mobile Infrastructure in Government EnvironmentsThree Keys to Building a Secure Mobile Infrastructure in Government Environments
Three Keys to Building a Secure Mobile Infrastructure in Government Environments
VMware
 
Mobile App Security: How Secure is your Mobile App
Mobile App Security: How Secure is your Mobile AppMobile App Security: How Secure is your Mobile App
Mobile App Security: How Secure is your Mobile App
Doug Sillars
 
Building The Digital Workplace
Building The Digital WorkplaceBuilding The Digital Workplace
Building The Digital Workplace
Citrix
 
Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Maximize your Investment in Microsoft Office 365 with Citrix Workspace
Citrix
 
XenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment GuideXenApp on Google Cloud Deployment Guide
XenApp on Google Cloud Deployment Guide
Citrix
 
Deploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud PlatformDeploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Citrix
 
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business ProductivityManage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
Citrix
 
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
Citrix
 
Workforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & ProductivityWorkforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & Productivity
Citrix
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix
 
The Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity GapThe Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity Gap
Citrix
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix
 
Citrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch NotesCitrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch Notes
Citrix
 
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch NotesCitrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix
 
Synergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch NotesSynergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch Notes
Citrix
 
Who Are Citrix Customers?
Who Are Citrix Customers?Who Are Citrix Customers?
Who Are Citrix Customers?
Citrix
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usage
Citrix
 
Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working
Citrix
 
Life in the Digital Workspace
Life in the Digital WorkspaceLife in the Digital Workspace
Life in the Digital Workspace
Citrix
 
Comparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspacesComparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspaces
Citrix
 
4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 Migration4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 Migration
Citrix
 
Citrix Paddington
Citrix PaddingtonCitrix Paddington
Citrix Paddington
Citrix
 
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
Citrix
 
Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.
Citrix
 
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
 

More Related Content

More from Citrix

More from Citrix (20)

Deploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud PlatformDeploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
Deploying Citrix XenApp & XenDesktop Service on Google Cloud Platform
 
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business ProductivityManage Risk by Protecting the Apps and Data That Drive Business Productivity
Manage Risk by Protecting the Apps and Data That Drive Business Productivity
 
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
How do Organizations Plan to Assure Application Delivery in a Multi-Cloud World?
 
Workforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & ProductivityWorkforce Flexibility Can Drive Greater Engagement & Productivity
Workforce Flexibility Can Drive Greater Engagement & Productivity
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment Guide
 
The Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity GapThe Growing U.S. IT Productivity Gap
The Growing U.S. IT Productivity Gap
 
Citrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment GuideCitrix Cloud Services: Total Economic Benefits Assessment Guide
Citrix Cloud Services: Total Economic Benefits Assessment Guide
 
Citrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch NotesCitrix Synergy 2017: Technology Keynote Sketch Notes
Citrix Synergy 2017: Technology Keynote Sketch Notes
 
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch NotesCitrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
Citrix Synergy 2017: Malcolm Gladwell Innovation Super Session Sketch Notes
 
Synergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch NotesSynergy 2017: Colin Powell Innovation Super Session Sketch Notes
Synergy 2017: Colin Powell Innovation Super Session Sketch Notes
 
Who Are Citrix Customers?
Who Are Citrix Customers?Who Are Citrix Customers?
Who Are Citrix Customers?
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usage
 
Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working Enterprise Case Study: Enabling a More Mobile Way of Working
Enterprise Case Study: Enabling a More Mobile Way of Working
 
Life in the Digital Workspace
Life in the Digital WorkspaceLife in the Digital Workspace
Life in the Digital Workspace
 
Comparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspacesComparing traditional workspaces to digital workspaces
Comparing traditional workspaces to digital workspaces
 
4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 Migration4 Ways to Ensure a Smooth Windows 10 Migration
4 Ways to Ensure a Smooth Windows 10 Migration
 
Citrix Paddington
Citrix PaddingtonCitrix Paddington
Citrix Paddington
 
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
The Security Compliance Countdown: How to Get Ahead of the GDPR [Infographic]
 
Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.Transforming Business with Citrix: Customers Share Their Stories.
Transforming Business with Citrix: Customers Share Their Stories.
 
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
Citrix & Canalys: Northern European Channel Partners in a State of Transforma...
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Recently uploaded (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

How to Secure App & Data Deliver Across Devices, Networks and Locations

  • 1. White Paper citrix.com Secure app and data delivery—across devices, networks and locations How XenApp dramatically simplifies data protection, access control and other critical security tasks.
  • 2. White Paper citrix.com 2 Secure app and data delivery—across devices, networks and locations Most discussions of application and desktop virtualization focus on cost reduction, simplifying IT operations, and increasing convenience for employees. These factors are extremely important, but IT professionals should not overlook the immense impact of workspace virtualization on information security. In fact, application and desktop virtualization have profound advantages for key security functions such as data protection, access control, user provisioning and compliance. They can also give administrators extremely granular control over how employees, contractors and business partners use and share application data. This white paper examines how Citrix® XenApp® can dramatically reduce the effort required to protect mission-critical information, while giving users fast, simple, flexible remote access that enhances business productivity. Growing IT security challenges Corporate IT groups are continuously challenged to support critical new business initiatives and improve end user computing experiences, while facing limited budgets and mounting pressures to improve information security. Many of these challenges involve making computing resources easier to utilize, regardless of physical and geographical boundaries. Employees are demanding the following: • Work anywhere, with a consistent experience, from PCs, laptops, tablets and smartphones. • Utilize personal devices within a corporate environment through bring your own device (BYOD) programs. • Freedom from rigid IT security controls that restrict performance and inhibit productivity. • Access to corporate data and self-provision applications on-demand. At the same time, today’s headlines announce data breaches and IT news websites feature stories about cyber criminals and hackers spreading zero-day attacks, new types of malware, and stealthy planning targeted attacks. Fundamental changes in the way people work and waves of new consumer technologies are shattering the old methods of balancing employee productivity and IT security. IT admins are facing powerful workplace trends that disrupt routine protocols and processes for protecting corporate information: • Since 2014, each knowledge worker is expected to have an average of 3 devices connected in the workplace.
  • 3. White Paper citrix.com 3 Secure app and data delivery—across devices, networks and locations • Employees are supplying their own personal endpoint devices, making it difficult or impossible to mandate and enforce corporate security standards. • IT must provide access to employees, contractors and business partners, from remote offices, home offices, hotel rooms and even kiosks, across the globe. Rethink security Clearly these trends are not sustainable with current approaches to security and remote access. How can IT groups provide easier access to resources, in the face of more sophisticated threats, with multiplying endpoints to defend? And the challenges are not just related to the quantity of end points, but to the increasing diversity. Each type of device—PC, laptop, tablet and smartphone—requires different security products, protecting against different threats, and applying different access policies. The remedy is not adding yet another layer of security products that require more management. Instead, it is to change the game by moving to a computing model that is inherently secure, with an architecture that dramatically simplifies fundamental security functions such as data protection, access control, provisioning and secure remote access. XenApp XenApp is an application delivery solution that enables any Windows® , Linux, Web or SaaS application to be virtualized, centralized and managed in the datacenter and instantly delivered as a service to users anywhere on any device. With XenApp, applications execute in the data center and are securely accessed from any location. Keeping applications and data protected within the hardened data center and hosted in the same location as the back-end databases further enhances application performance even when accessed from distant locations. The application access and performance benefits of XenApp are numerous, but many times the security advantages of a centralized application deployment model are overlooked. XenApp provides an inherently secure architecture that dramatically reduces the quantity of data exposed outside of the data center without configuring extensive security features or add-on security products. The fundamental design of XenApp is to keep all apps, data, and information secured in the data center and only send screen update, mouse click and keystroke commands across the network to the user’s endpoint device. XenApp keeps sensitive corporate information protected in the data center, but employees still need secure access to the XenApp infrastructure. Applications published using XenApp are accessible through Citrix Receiver™ —a lightweight client that can be installed on any type of device, including iOS, Mac® , Android® , Windows and more. Citrix Receiver makes it easy for IT administrators to securely enable application access from any type of personal or corporate-owned device while ensuring that IT security procedures and processes are enforced. Citrix Receiver is in constant communication with the XenApp infrastructure, making it easy to identify the optimal application delivery method for any user based on device features, available network connection, and specific application-related tasks. Users in any location can download Citrix Receiver and securely access XenApp published applications making it easy for IT to meet the employee demands without compromising security standards.
  • 4. White Paper citrix.com 4 Secure app and data delivery—across devices, networks and locations NetScaler Gateway XenApp deployments can be further enhanced with NetScaler Gateway™ . NetScaler Gateway is a secure application, desktop and data access solution that provides granular application and device-level policies and action- controls. NetScaler Gateway secures remote access to XenApp infrastructure and provides users with a secure, single point of access to published applications and desktops from any type of device. NetScaler Gateway ensures secure remote access by using secure Citrix ICA® proxy technology to encrypt data without the need to establish a full VPN tunnel from remote devices. NetScaler Gateway leverages HDX SmartAccess™ technology to give IT managers a single point of management for controlling access and limiting actions allowed to users. With HDX SmartAccess, IT administrators can strike the right balance between security and end user convenience in every situation. They do this by defining a precise set of policies based on users, devices and locations. For example, administrators might want to create policies so that one group of users can access a wide range of applications and data while on the LAN, a subset of those resources while on a tablet at home, and a smaller subset from a smartphone connected through a public network. Another, less trusted group could be restricted to a small subset of resources under all conditions. Administrators can go even further by restricting the ability of users in insecure environments to copy, email or print data, or to save confidential files to removable media. They could limit users on public kiosks to viewing data and nothing else. Further, access can be limited based on the security posture of the endpoint. HDX SmartAccess includes endpoint analysis software that can scan remote computers and determine if security tools like anti-virus software, client firewalls and hard drive encryption utilities are present, running, and up-to-date. If these requirements are not met, the user can be restricted to a limited set of applications and data, or redirected to a remediation site where the security deficiencies can be remedied. These policies can be applied dynamically as users move between different devices, applications and locations. Administrators can enforce compliance with rules that govern privacy and the secure storage of data. This is critical for enterprises that are affected by regulations such as those in some European countries that require data about its residents be stored within the country’s borders. With HDX SmartAccess, an organization could not only prove that the data resides in a virtual environment located in the country, it could also create policies so that nobody located outside of the country, or using a mobile device, could access that data. Reduce security complexity The architecture and core features of XenApp with NetScaler Gateway make security far more reliable and easier to manage. By opting for a solution that is inherently secure, some of the most vexing challenges of protecting data on endpoints simply disappear or are dramatically reduced in complexity. Data protection Sensitive data can be centralized in the data center and protected by a complete set of network and host security products such as next-generation firewalls (NGFWs), intrusion protection
  • 5. White Paper citrix.com 5 Secure app and data delivery—across devices, networks and locations systems (IPSs), and host anti-malware and anti-spyware tools. These defenses are generally much more powerful and effective than the local firewall and anti-virus products deployed on endpoints, and are far easier to update. With XenApp, data is never transferred over the network, and if policies are enabled to allow data transfer, that data is encrypted. Keeping intellectual property and sensitive information protected from eavesdropping, man-in-the-middle attacks, and other threats to “data in motion.” Application and desktop virtualization with XenApp also simplifies the operational aspects of data protection. Databases and files in a central location are far easier to monitor and back up than those residing on distributed devices. Employees are easily protected from data loss due to hardware and software failures, accidents and human errors. Data can be recovered faster in the event of a major outage or disaster. Access control Controlling access to applications and data residing on endpoints is extremely challenging, especially since the tools available to manage those local controls vary widely across different types of laptops, tablets and smartphones. Further complicating the picture is the fact that most organizations have multiple access points and authentication procedures to support different use scenarios. Three different gateways and three different authentication procedures might be needed to handle one employee connecting from a PC in the office, a second employee connecting over the Internet from a tablet at home, and a contractor connecting from a smartphone at the airport. With XenApp, administrators can use one set of tools to create and enforce a single set of access control policies for all users, regardless of their locations and the devices they are using. They could also add multi-factor authentication to any Windows or legacy application, including tokens, smartcards, RADIUS, Kerberos and biometrics. These same access controls and authentication methods can be used to manage access to all resources delivered by XenApp while providing a self-service, enterprise app store that gives users fast, on-demand access to Windows applications and application updates. By providing an enterprise app store, IT can provide consumer-type flexibility to users and free up operations and support staffs from providing applications to individual employees. It also enhances security by giving users convenient access to corporate-approved and tested applications, so they don’t potentially download infected apps from dubious app stores and compromised sites on the web. Provisioning and de-provisioning Provisioning and de-provisioning employees can be a burdensome activity for IT administrators. It is particularly challenging to cut off application and data access when employees, contractors and others are terminated. War stories abound of contractors retaining application access months after their work is complete, and of fired employees walking off with customer lists and intellectual property.
  • 6. White Paper citrix.com 6 Secure app and data delivery—across devices, networks and locations With XenApp, new users can be provided with access to applications with a few clicks, and access to applications and data can be revoked in seconds from terminated employees and contractors. If terminated employees are using their own laptops or mobile devices, sensitive data is stored out of reach in the data center, not on their equipment. Incident response and disaster recovery Incident response and disaster recovery are also inherently simpler with application and desktop virtualization. Centralized data is easier to monitor and analyze than data spread around distributed systems. Vulnerabilities can be patched or remediated in a central location, instead of across hundreds of remote PCs and devices. For disaster recovery, administrators can set up a “two data center” configuration where applications and data are mirrored between two sites. If one site goes down, users can quickly be switched to the other with no loss of data or productivity. If laptops and other devices are destroyed or unreachable in a disaster, employees can access their applications and data from other devices in safe locations. Compliance XenApp can simplify audits and regulatory compliance. Investigators can use a complete, centralized audit trail to determine who accessed what applications and data. There is no need to collect extensive logs from remote devices. Conclusion This paper outlines how XenApp solutions from Citrix give users more power and flexibility to securely access applications and data anywhere, using any device. It also explains some of the ways application and desktop virtualization can simplify difficult and time-consuming IT security tasks related to: • Data protection • Access control • Policy enforcement • Provisioning and de-provisioning • Incident response and disaster recovery • Compliance • Secure, efficient remote access XenApp solutions reduce the work needed to provide better security. Security improvements are inherent in a virtualized architecture and a centralized application and desktop delivery model. That means that organization can enjoy the benefits of simpler and more reliable security, without having to implement and manage complex new security tools.
  • 7. 0316/PDF Corporate Headquarters Fort Lauderdale, FL, USA Silicon Valley Headquarters Santa Clara, CA, USA EMEA Headquarters Schaffhausen, Switzerland India Development Center Bangalore, India Online Division Headquarters Santa Barbara, CA, USA Pacific Headquarters Hong Kong, China Latin America Headquarters Coral Gables, FL, USA UK Development Center Chalfont, United Kingdom About Citrix Citrix (NASDAQ:CTXS) is leading the transition to software-defining the workplace, uniting virtualization, mobility management, networking and SaaS solutions to enable new ways for businesses and people to work better. Citrix solutions power business mobility through secure, mobile workspaces that provide people with instant access to apps, desktops, data and communications on any device, over any network and cloud. With annual revenue in 2015 of $3.28 billion, Citrix solutions are in use at more than 400,000 organizations and by over 100 million users globally. Learn more at www.citrix.com. Copyright © 2016 Citrix Systems, Inc. All rights reserved. Citrix, XenApp, Receiver, NetScaler Gateway, ICA and HDX Smart Access are trademarks of Citrix Systems, Inc. and/or one of its subsidiaries, and may be registered in the U.S. and other countries. Other product and company names mentioned herein may be trademarks of their respective companies. White Paper citrix.com 7 Secure app and data delivery—across devices, networks and locations Additional Resources App Virtualization Solutions Compare XenApp vs. VMware Horizon