It is universally agreed that ‘authentication and login security’ is critical to ensuring access and network security into an organization’s assets.

While login security is critical and constantly evolving, it’s important to manage this whilst ensuring end user productivity. Simply prompting users to enter username and password at any point in time due to inactivity or while accessing a specific application is not the best security measure as it disrupts end user productivity to an annoying extent. Employees not only have to re-enter passwords every time, but this can also lead to users leveraging weak passwords to get to their tasks sooner and caching of passwords which can lead to phishing and/or cyber-attacks. 

The solution is more nuanced, and Citrix continues to simplify the complexities of different configurations here by delivering solutions to help streamline a secure, user login experience. Login security over different access modes, web or the client apps across OS devices, has certainly evolved significantly over the past few years. The evolution has taken organizations from single factor to multi-factor to passwordless authentication.

While passwordless authentication is promising, its adoption across different operating systems and compatibility across end user applications must catch up, as well. The question you may be asking with all of this is, “in the context of organizations who leverage secure access to their resources through Citrix Workspace app, do these authentication requirements apply?” 

And the answer is yes, they absolutely do. Let’s take a closer look at how improvements to Citrix Workspace app help with better user logins and security.

Getting more with Citrix Workspace app authentication

Logging into Citrix Workspace app will deal with streamlining the end to end authentication to access various desktops and apps running within the session or web and SaaS applications authorized for a user to access. However, a layer of complexity is added as organizations can be leveraging different IdPs (identity providers) to deal with endpoint, server, and directory login security.

IT departments often have a challenging decision to make as they must play the role of a banker to the data and company assets, whilst also ensuring employee productivity is not hampered. This leaves admins asking where and how they balance everything.  

Citrix has been in the forefront of providing flexible authentication options to customers based on their journey towards passwordless authentication and based on their unique heterogenous needs across different departments. We have recently released a tech brief describing the different authentication options available to you to choose from based on your company needs. 

The brief covers all authentication options administrators can enable in line with the identity provider enabled in the organization across on-premises and cloud environments. The brief also gets into the detailed nuances of how these options available will behave over web, native client apps across OS.

Let’s take a sneak peek at the authentication options for Citrix Workspace app that are covered in the brief:

  • User activity options: Different options and configurations available to prompt users for login based on user activity or company policy to keep the Citrix Workspace app disconnected after a specific time. Some of these configurations include: 
    • Force prompt login into specific applications and how it works with single sign on (SSO) options into VDI sessions.
    • Persistent login that allows users to stay logged in using long live tokens for better user experience and increased employee productivity. This is today supported only on cloud stores.
    • In on-premises scenarios, organizations can set a force timeout on Citrix Workspace apps irrespective of activity
  •  Inactivity timeout:  This is often leveraged in scenarios of shared devices, branch offices in banks, retail stores to ensure no bad actors misuses data when the legit user is away from their device.
  • Domain pass-through:  Enabling users to login directly to Citrix app and further virtual sessions when logged in to their windows OS laptop. This becomes extremely convenient for users. Read the brief in detail to understand the configuration where it is supported – scenarios with Active Directory, AAD directory and the IdPs that supports integrated Windows Auth in both on-premises and cloud scenarios.
  • Smart card and derived credential support: This is prevalent particularly in the defense or federal segments and some banking organizations. The brief also covers Passwordless authentication support with smartcards and its behavior based on the device OS.
  •  Passwordless, FIDO2 framework also supports on-premises and cloud environments.

Learn More

It is clear that there are a number of ways to configure authentication for Citrix Workspace app to work the best for your IT teams and your users. Be sure to read the Tech Brief for insight on all the possibilities we support for organizations and their environments.

Citrix continues to evolve based on the needs we see with our customers, so please offer any feedback you may have in the comments below.