Citrix has long been a trusted partner for secure, consistent delivery of the applications your employees need to be productive. But we know there’s no single approach to safeguarding both your workforce, and your apps. Start your Citrix Security Summit experience with a security overview from Citrix CEO David Henshall and learn how we’re innovating to help you to secure your workforce and your apps in the way that fits your organization best.

Citrix’s Security Strategy: An Overview

Security is the bedrock of what Citrix has done for many years — securing apps, access, networks, data, and endpoints. Over the last decade the set of applications that organizations want to secure has shifted from those running in the datacenter or on desktops to also include mobile apps, web apps, SaaS apps, and other third-party services.

New work models create opportunity and increase the attack surface. But the deployment and integration of tools designed for protecting individual apps or devices has led to inconsistent enforcement of security policies, increased cost and complexity, and a poor user experience.

Citrix protects the user by protecting the workspace, providing a secure container with integrated access security and app control to prevent data leakage and protect users from endpoint threats. Our work aligns with a zero trust philosophy, where we assume nothing and trust nothing about a user or application. As they present more valid verification, trust increases and we give them more access.

This is different from a VPN approach, where once you’re in, you have access to everything. A zero trust model enables continuous risk-based analysis and evaluation of the trustworthiness of a user or device to provide the right access to that application at the right time.

You can’t do zero trust alone, though. It requires a comprehensive partner ecosystem. For example, our Citrix Ready Workspace Security Program addresses compatibility of integrations across application and network security, analytics and visibility, data and device security, and more.

We’re excited to announce that we’re expanding this program with partner solutions that have zero trust principles built-in and integrated with Secure Workspace Access, Citrix Endpoint Management, and Citrix Analytics for Security. This provides a collective approach for customers to simplify the selection of security vendors while leveraging existing investments to drive zero trust outcomes.

We’re engaging with like-minded partners, including Cisco, Google Cloud, and Microsoft, who are willing to share data and insights that allow us to deliver more comprehensive and more secure solutions to our customers. The Citrix Ready Workspace Security Program with Zero Trust provides customers with a more comprehensive way to implement and achieve zero trust outcomes, with a choice of vendors to use with Citrix Workspace or to reuse existing investments.

We live in an app and API economy. Applications are valuable, governing everything a business does, but they’re a vulnerable asset. It’s challenging to keep up with the volume and sophistication of threats that apps endure, but it’s critical to protect them. That’s why we continue to invest in technologies critical to securing workspace and app delivery and that enable a zero trust approach.

We know your organization faces new challenges in managing a more diverse infrastructure, a more diverse population of users, and a more varied set of applications, and we’re aligned with that new reality. Citrix and our partners are committed to delivering solutions, centered on zero trust, that enhance your enterprise security posture and help you to secure your workforce and your apps.

Learn more about our security strategy in the video on our Citrix Security Summit page and keep reading for more on how we’re innovating to help our customers strengthen their security posture.

Securing Your Workforce

Protecting your enterprise can lead to a constant tug of war between security and user experience. Add more tools to manage apps and access, and you end up driving more friction in the user experience. But with more remote workers than ever, organizations face unprecedented risks while, at the same, needing to focus on delivering a great user experience.

Citrix solutions let employees work securely, the way they want. Our holistic approach to securing the workspace focuses on:

  • Securing employees, whether they’re local or remote
  • Securing infrastructure like the network edge and devices
  • Securing virtual, web and SaaS apps
  • Delivering continuous assessment of access and usage behaviors

We’ve built Citrix Workspace to be a secure container using Citrix Secure Workspace Access. A zero trust solution, it combines invisible security with integrated intelligence, letting users focus on work while ensuring security policies don’t get in the way. Citrix Secure Workspace Access provides:

  • Access and app control to protect users from keyloggers and phishing attacks, without leaving any sensitive information on the device.
  • A cloud-based, isolated web browser that separates “gray site” browsing activity from the device, reducing its attack surface.
  • Built-in device management with the Citrix Workspace app and customers’ choice of MDM provider or MAM such as Microsoft Intune.
  • Support for integrated multi factor authentication and SSO and an out-of-the-box ecosystem of integrations across identity providers, security vendors, and cloud providers.

While Citrix Workspace is a powerful secure container, we know some apps will continue to be delivered on the device. These still need to be secured.

That’s why we’re pleased to announce Citrix Secure Internet Access, a comprehensive, cloud-delivered security service that includes secure web gateway, cloud access security broker, next generation firewall, malware protection, and network sandbox, all of which you manage from a single pane of glass.

IT admins can ensure consistent security for all users, anywhere, using any app via any device. We leverage threat intelligence feeds from more than 10 engines, including Bitdefender, Cisco, FireEye, Google Safe Browsing, Internet Watch Foundation, and ProofPoint.

As a unified security stack, Secure Internet Access provides simple, rapid deployment, automated updates for the latest protection, and deep visibility and forensics to identify specific security incidents, unusual behavior, and policy violations. Pair Secure Internet Access with Citrix SD-WAN and you can deliver Secure Access Service Edge (SASE).

Securing Devices

We’ve secured the Workspace and our internet connections. What about devices?

In our new world of hybrid work, employees must be able to work on any device. To enable secure endpoints, we’ve worked closely with Microsoft to harness their Graph API and deliver great management capabilities like the ability to configure Intune App protection policies for Office 365 apps from the Citrix Endpoint Management console. Recently we’ve added micro VPN capabilities for the Edge browser, and we’ll soon support Azure AD-based device conditional access via Intune compliance APIs.

Securing Connectivity to Cloud and SaaS

There are also devices in the enterprise, many cloud-connected, that need to be secured — VOIP phones using cloud services, networking printers, security cameras, retail devices, and more. Add that to the unsecured native apps outside the workspace, and that’s a lot of connections to the cloud. The traditional hub-and-spoke model isn’t built to handle this, and user experience has suffered.

Citrix can securely deliver Citrix Workspace and other apps and provide secure device connectivity to cloud and SaaS apps. Our solution includes Secure Workspace Access and our SD-WAN cloud services, ensuring complete security and consistent performance for employees. WAN Edge security is built into Citrix SD-WAN and, combined with our Cloud Direct OTT service, enables high-performance, secure SaaS access across a POP network.

Citrix Analytics for Security

Citrix Analytics for Security harnesses the telemetry across all enforcement points and uses machine learning to continuously assess user risk to detect and mitigate potential security threats without needing to add dedicated resources to manage it all.

Citrix Analytics for Security continuously monitors and assesses user risk based on how, what, and where an employee accesses corporate resources, as well as what they do with those resources, even after successfully logging into corporate networks.

As employees traverse networks, devices, access files and apps, their behavior is analyzed to detect anomalous activity, and their actions are reflected in a unique risk score that’s used to help quickly identify high-risk users. With comprehensive policies that you set up, it automates the remediation of those threats by taking actions that are aligned with those policies across Citrix solutions.

A People-Centric Approach to Security

Citrix delivers holistic security based on a zero trust approach across all device types and enforcement points, with the benefit of analytics. For employees, it’s a people-centric approach that doesn’t sacrifice user experience. And for IT, it’s intent-driven with administrators declaring what they want based on user needs and the system enforcing those policies.

Learn more on our Citrix Security Summit page about our security innovations and the work we’re doing with our partners to secure the workspace and protect organizations’ most valuable assets.