One of my favorite things about talking to Citrix customers and partners is hearing their stories. I’ve heard stories that are funny, scary, and sad, and ones so unbelievable they’ve turned me into the real-life version of everyone’s favorite reply GIF. Each is unique, and they always serve as a great reminder of the challenges customers face with their end users.

I’ve heard many stories with similar themes over the years. Here are four of the most common:

Of course I use the same password for everything. How else am I supposed to remember them all?

The great news about technology in 2019? There’s probably an app or service that will solve your business problem. The bad news? It’s going to require a unique user name and password. Research shows that the average employee has 191 passwords, so it’s difficult to blame those employees for poor password hygiene. But with 81 percent of data breaches being traced back to poor passwords, it’s mission critical for IT to secure the login process.

Citrix Secure Workspace Access can help IT do just that. Organizations everywhere are delivering all their key resources, like SaaS and web apps, virtual apps and desktops, and files, through Citrix Workspace. Customers can deliver single sign-on (SSO) to Citrix Workspace for their end users with Citrix Gateway service. With just one set of credentials to access everything they need, managing a secure login becomes much simpler for end users.

Additionally, part of the challenge that many customers face with managing identities and passwords is the mix of on-premises and cloud services they deliver to end users. Looking forward, we will support using Citrix Gateway as an Identity Provider (IdP) to Citrix Workspace (read about the public tech preview). This will help our customers leverage their existing investment in their Citrix Gateway, all while helping add a layer of security to their on-premises web apps through the application of Citrix Secure Workspace Access policies.

An employee left our organization months ago, but they still have access to critical resources.

Many organizations have become laser-focused on employee onboarding as one way to create a great employee experience. But the offboarding process hasn’t received the same amount of attention.

Most employees have access to a wide range of apps and file repositories, which all hold sensitive corporate data. Offboarding requires orchestration between several groups, including HR, IT, and Facilities. If there’s a miscommunication among the groups and revoking access to a critical app or file repository slips through the cracks, it can mean someone no longer with your company has access to company resources. This creates significant security risk, as employees that are no longer part of your organization can access and exfiltrate sensitive company information. If those employees are taking private data to competitors or exfiltrating PII or PHI, your organization faces significant financial risk.

Citrix Secure Workspace Access minimizes the security risk from departing employees through simplified offboarding. With Citrix Workspace, all their resources, including SaaS and web apps, virtual apps and desktops, and files, are accessed in one place with a single set of credentials. By simply revoking access to their Workspace, IT can cut a former employee’s access completely, eliminating this security risk for the organization.

There’s water cooler talk that downsizing is coming. I’m taking all my stuff with me just in case.

When people hear rumors that their job may be in jeopardy, some employees might prepare for potential job loss by downloading company information and transferring it to a personal device. This action may be innocent — maybe they’ll need to show their previous work to a potential new employer during an interview. But it could be malicious. Maybe they’re downloading sensitive company information with the intent to release it for profit or to embarrass the organization after they’ve left.

Citrix Secure Workspace Access can protect against malicious data exfiltration in a few different ways. To start, IT can apply added security policies to both SaaS and web apps when they’re accessed through Citrix Workspace. These added policies include restricting printing, downloading, and copying data locally, watermarking sessions, and more. With these added controls, IT can ensure that sensitive data stored in SaaS and web apps has an added layer of security.

Additionally, Citrix Secure Workspace Access comes with Citrix Analytics, which can detect anomalies in end-user behavior and take automated actions to protect your data when it senses potential security risks. These actions include session recording, expiring links to shared documents, and logging users out of their accounts. These automated actions proactively defend your infrastructure, helping resource-strapped IT departments protect their most valuable assets.

Citrix Analytics monitors and protects against anomalous end-user behavior.

Was I not supposed to click on that?

As IT professionals, you do everything you can to educate your end users about the risks of going to websites that can harm your network. But, it’s always better to have an extra safeguard in place. In addition to potentially risky links that live in your apps and data, there are also employees that work in a “gray area.” Take your social media marketing team, for example. Many organizations have taken the measure of blocking employee access to social media sites because they can be a breeding ground for malware. But the brave souls on your social media team need access because their jobs depend on it!

Citrix Secure Workspace Access can help protect against the dangers of web browsing. To begin, it provides IT with the flexibility to block access to sites. IT admins can block specific sites or entire categories, like torrents, gambling, or web-based mail. If blocking access is too restrictive, IT can also dynamically provide Secure Browser, a cloud-based browser hosted by Citrix, to their end users. When users click on a link, Citrix Secure Workspace Access will evaluate the site the user is attempting to navigate to. If it detects potential security risks with the site, it will launch a Secure Browser session for the end user, enabling them to securely visit the site. Because the browser is based in Citrix Cloud and disposed of after the session, any malware located on the site will never reach your infrastructure. This creates a “best of both worlds” scenario, where users can freely navigate the web and IT can rest easy, knowing they’re protected from the dangers of the web.

Check out the Tech Insight below from my colleague Dan Feller.