In this new era, Applications, Services, Content, and Identity move increasingly into the cloud, and employees can work anywhere, with their own devices and identity systems. These changes present a new and complex set of challenges for Enterprises – challenges that Citrix technology is uniquely able to overcome. Unlike in consumer scenarios, “rip and replace” is not an option, as Enterprises require ongoing management and support for a diverse set of application assets. At Citrix we believe the key to solving this problem is ANY-ANY-ANY – allow any app of any era to work on any device, from anywhere. Citrix does this through a mobile workspace – a portable, always on, always connected working environment that follows an employee no matter where they go, no matter what device they chose to use, and no matter what connectivity they happen to be leveraging. There are a variety of technologies that enable the mobile workspace. For users to get the most out of these new solutions, a mobile workspace incorporates the following six characteristics:
- Access to any and all applications
- Access to corporate data
- Access to collaboration tools
- Access to the intranet and other internal resources
- Content access where people are and from the device of their choice
- Flexibility for IT to provide services over any network from any cloud
In this paper, we will focus on three areas that are driving the need for a mobile workspace: apps, devices cloud services.
Deliver Any App to the Mobile Workspace
Traditionally, Enterprise applications were synonymous with the desktop PC, and the ubiquitous Windows Operating System. The future holds an explosion in the number and diversity of platforms and applications in every Enterprise. This rate of change is continuing to accelerate – IT is scrambling to enable productivity whilst ensuring that standards of security and compliance are upheld.
Two key transitions are now firmly established in the Enterprise:
- Transition to Web – The vast majority of net-new applications developed in the Enterprise are developed for the web, and have been for the best part of a decade.
- Transition to SaaS – For horizontal applications, such as CRM, Enterprises that haven’t adopted SaaS are now the laggards. Applications specific to industry verticals are following a similar model, but are slightly behind horizontal applications in adoption.
On the back of the transition to Web and SaaS applications, and the move towards mobility, the nature of applications and application delivery is evolving:
- Task-oriented micro apps – Traditional enterprise apps are oriented around keyboard + mouse interaction. These applications, even if delivered to a smartphone or tablet are cumbersome to use. Instead, smartphones and tablets are better suited for the development of task-oriented micro apps and touch-based interaction. The greatest benefit is gained by re-evaluating how users use existing applications together. Successful task-oriented micro apps are driven by user behavior. They focus on the most critical user activities and integrating workflows from across multiple pre-existing applications.
- Sensor integration – The sensor capabilities of modern devices is driving change in how applications work. Instead of asking for a location, the device can detect it. Instead of attaching a photo to a record, the app can enable the user to take a photo with their device. Sensor integration can increase security and simplify user workflows.
- Web services – Enterprises have valuable data repositories that are often locked behind proprietary APIs. The first stage in enabling Mobile and Micro apps is to expose the data repositories as web services. Often the new task-oriented apps are integrating data from multiple web services.
- OS diversity – We’ve gone from a world where Windows (win32) was ubiquitous, to a world where Windows, iOS, Android, Windows Modern, Linux and OS X are mixing together – based on device availability, personal preference and cost. Often, the goal now is to provide a capability, such as editing and viewing Microsoft Office documents, across many Operating Systems using the applications that are available.
- Collaboration – Working with colleagues and customers in distributed locations is increasingly important. A mobile workspace must include the applications and tools that enable people to collaborate, videoconference, and share files as if they are all in one place.
- IT Services from any network or any cloud – Applications are no longer simply delivered from the local data center or over the LAN. Instead, applications must be able to run in any cloud (private, public, or hybrid) and be delivered over any network (LAN, WAN, 3G/4G, etc.). A mobile workspace must allow IT the flexibility to host services in the most appropriate place and deliver them, with a great user experience, over any network.
Micro apps often augment rather than supplant existing applications with users switching between phones, tablets and laptops throughout their day. This is very much a story of IT managing more and diverse apps, rather than replacing them with a new generation.
Developing the next generation of apps requires new developer skills - adopting new frameworks, languages and development environments. The flip-side of exposing data as web services is that web services need to be carefully designed to ensure performance and security over high-latency, low-bandwidth and lossy public networks.
Today, there is no “Tier 1” development platform that works across all Operating Systems and device form-factors. The market is rapidly evolving and we believe there will eventually be a new development platform for this next generation of apps. One particular trend is around platforms that enable rapid app development, evolving from the market currently served by customizing Microsoft Office. These platforms will endeavour to enable “code-light” app development where mashing together web services will feature strongly.
Application Convergence in the Mobile Workspace
We believe the only way for IT to get their arms around the quantity and diversity of applications is with a converged management and delivery platform that embraces both traditional enterprise applications as well as the next generation of applications. Together XenApp and XenMobile form that platform.
Using XenApp, our customers deliver traditional enterprise apps and first-generation web applications to any device. We continue to invest in this capability – enabling our customers to rapidly adapt applications for mobile device form-factors through dynamic re-skinning and gain access to device sensors, such as GPS, cameras, etc. via the Mobile SDK for Windows Apps.
Our strategy also includes the ability to “Worx-enable” the next generation of mobile applications – either through app-wrapping, by developing against the Worx App SDK, or simply by accessing internal web applications using the WorxWeb application. This brings a consistent platform of encryption, data-loss prevention and single sign-on to any next-generation mobile application.
With XenMobile’s Micro VPN capability, Worx-enabled applications can securely connect back to the corporate network to access web services. This greatly reduces the cost of developing web services that are robust enough to face the public Internet, ensures the security and integrity of transmitted data and avoids increasing the attack surface of the enterprise.
Deliver Corporate Data to the Mobile Workspace
Information is growing amazingly fast, doubling every 18 months. We are overloaded personally and at work with the influx of information from mail, web, social, news, books, media, web portals, etc. The information to run our lives and businesses more effectively exists if only we could master it.
SaaS is transforming the nature of enterprise data – every service is a new silo managed according to its own policies and practices.
We see four laws for being effective with content:
- Stored anywhere from cloud services, to on premise servers, to laptops/desktops, and to mobile devices.
- Available everywhere it is needed… follows users on all devices and is cloud synced and device cached.
- Effortlessly accessed through common services such as search.
- Protected from loss through encryption and controlled by policy.
ShareFile is Citrix’s integrated solution for content in the cloud. With ShareFile Storage zones, you can choose your own storage location in any cloud or on premise, making content available everywhere.
We also embrace other cloud storage solutions. For example, enabling XenApp-hosted applications direct access to files stored in Google Drive in Chromebook environments.
Deliver your Mobile Workspace to Any Device
The increasing diversity in applications is driven by the rise of powerful, diverse mobile devices – smartphones and tablets. Instant start, touch-based UI, high quality graphics and a rich collection of sensors are assumed.
As with laptops, IT has to worry about any stateful device. If a device might contain confidential documents, personally identifiable information or regulated data, IT asks the same questions. What if it is lost or stolen? What if an employee leaves to work at a competitor?
Smartphones and tablets are the epicentre of the “Bring Your Own Device (BYOD)” trend. Organizations that embrace this trend benefit from better experience for the end user, better cost control for IT and the end to the curse of carrying multiple separate devices for work. BYOD is not the reason why device management matters, but it is one of the main drivers for many companies who, until now, have turned a blind eye to what happens if a device gets lost.
Does that mean the desktop is dead? Far from it. Whilst consumers may choose an iPad over a laptop, in the world of business, the laptop, and by extension the desktop, is still the device of choice for a majority of use-cases. Mobile devices enable new use-cases, and fill use-cases for which laptops used to be the “least worst” option – as mobile devices improve, people will find that they can leave the laptop at home more often. As with all things in IT, we see this as accretive. People will need to perform brief, task-oriented interactions from smartphones and tablets when out and about – but when sitting down for an 8-hour work session, they will still want a large, high-quality display and a high quality keyboard, whether in a desktop or laptop form factor.
XenMobile, an enterprise mobility management solution, offers a number of capabilities to address both the concerns and opportunities that the increase in diversity of stateful devices is bringing. These capabilities are broadly grouped into two classes:
- Mobile Device Management (MDM) – MDM provides a set of functions ranging from device registration, auditing, automated software deployment, device configuration and the ultimate sanction of remote wipe. IT can use MDM in a very lightweight way, or for more extreme lockdown. We recognize that different companies will have various needs, and endeavour to cover all of these cases. XenClient brings many of the same capabilities of MDM to Windows laptops.
- Mobile Application Management – Regardless of whether MDM fits a particular scenario, there is often a need to control individual applications more closely – for example, allowing a trusted corporate application access to an intranet site, but blocking that same access from a consumer app. This use case is often driven by BYO policies, but the reality is that unless devices are completely locked down users will often install software that IT might prefer they didn’t.
XenApp also embraces the opportunity provided by ever more powerful stateless end user devices – delivering touch-oriented experiences, ever smarter remoting technologies that adapt to a wider range of network conditions and enabling the richest of user experiences. When possible, the best defence against device loss is to never have sensitive data present.
What does the future hold for devices? From current trends, it’s clear that there will be more new devices and increasingly diverse devices in the market. It is doubtful that even a tenth generation Siri and Google Glass will replace the need for PowerPoint or Excel – but undoubtedly there will be new opportunities that we are only just beginning to dream of.
If there’s one theme you can take from the “Internet of Things” and wearable technology, it’s that device-to-device interaction will only increase – with multiple smart devices co-ordinating to enable us to perform tasks more efficiently. This interaction is powered by yet another set of application platforms, such as the SDKs for Google Glass and the Pebble smart watch. You can expect Citrix technologies to both embrace this trend to deliver richer experiences, but also to enable it – seamlessly bridging the Internet of Things and wearable devices into enterprise applications and services.
IT has a core role as devices continue to diversify and proliferate and are used to access corporate data and applications. People will expect ever more consistency as they hop from device to device. We believe Citrix is uniquely positioned to meet these new opportunities.
Deliver Cloud Services to the Mobile Workspace
We’ve seen how the increasing capabilities and diversity of devices is driving diversification in applications. Cloud Services are the fuelling adoption and empowering the growth of “shadow IT” in the enterprise. These services reduce the barrier to adoption to such a degree that IT is often the last to know about new applications that are implemented.
Citrix has a multi-layered approach to cloud services that include powering the public cloud, delivering applications from the public cloud, bridging to the public cloud, and enabling enterprises to host their own services in the cloud.
Powering the public cloud
Citrix is invested in some of the core technologies that power the public cloud. Billions of people depend on the capability of NetScaler to power Cloud Services on the Internet every day. The largest public cloud is powered by the Xen hypervisor.
We firmly believe that the public cloud is a viable platform for most IT workloads, and will become transformational in how those workloads are architected. Public clouds enable a level of global presence never before conceived – very few enterprises could offer the points of presence available from the very largest public clouds and content delivery networks, many of which are powered by Citrix technologies. This global presence dramatically changes how applications are architected. Content and processing can be located within milliseconds of any user across the globe.
Delivering from the public cloud
Today, Citrix has a comprehensive portfolio of SaaS products available – from collaboration tools, such as GoToMeeting and Podio, through to hosted XenMobile-as-a-service. Looking forward, we see three strong paths for our customers to consume our products as cloud services:
- Directly from Citrix as vanilla services, as with our current SaaS offerings – Today, we serve over 650,000 unique customers and deliver more than 600 million minutes of audio every month.
- Through our Cloud Service Provider partners who offer differentiated services – We support more than 2600 partners delivering services to the hundreds of thousands of users every day.
- On top of public cloud Infrastructure-as-a-Service – While a limited number of customers do this today, we expect to see rapid growth driven by enterprise data and services migrating to public clouds.
Bridging to the public cloud
In many cases, real-world considerations around security, performance, sovereignty and regulation will dictate that many IT functions must be provided from traditional data centers. However, that shouldn’t prevent our customers benefiting from the economics of the cloud. Bridging to the public cloud takes a number of forms:
- IT as a Service Provider – Enabling customers to structure their own IT as a service provider, with the goal of enabling self-service throughout the organization. People should expect the same behaviour regardless of whether a service is provided in-house or from a public cloud.
- Services + Appliances – Even though products are delivered in SaaS form, they often need a component located within the customer network. That may be an interface with a service such as Active Directory to ensure network traffic takes the most appropriate route between two end-points. We see “management-free” appliances, centrally configured, secured and updated as the most efficient way for IT to consume products that need a presence on the customer network.
- Network transparency – Connecting customer networks securely and efficiently using NetScaler SD-WAN.
Managing Identity Across Apps, Devices and Cloud Services
Establishing identity has been, and will continue to be in the mobile workspace, the basis of authentication and access control to apps and data. However, by virtue of the changing nature of apps and data, and the proliferation of different devices and platforms, organizations will need to change their approach to establishing and managing identity.
Today most enterprises own and manage their employee and customer identities and authentication systems. These companies store vast amounts of data about their users and customers, and secure this and other corporate IT assets using these same authentication methods. However, identities in the consumer world are increasingly being managed and maintained through social networking sites (e.g., Facebook, Twitter, and LinkedIn) or OS vendors (e.g., Google, Microsoft, and Apple) that users trust. Increasingly, SaaS vendors are accepting authentication tokens from these consumer identity management points.
In addition, innovative new authentication methods are being introduced directly into new devices (e.g., biometrics like finger print and retina scanning). This will result in identity management and authentication solutions available to anyone with a smartphone that are both superior and easier to use than those implemented by most companies.
Changes to consumer identity management and authentication, along with the very real threat of losing user and customer data in cyber-attacks will drive most companies to store less customer/user specific data, and increasingly rely on trusted 3rd party solutions, likely from the consumer space. And, enterprise network, app and data solutions will increasingly begin to implement access, DLP, and general security policies based on these federated identities.
Citrix is enabling customers to embrace this change through management of accounts in SaaS services in XenMobile, and federated authentication in our SaaS products. As part of converging traditional and next generation applications and empowering the mobile workspace, we see a strong trend in enabling federated authentication to all enterprise applications.
The Future of Application Delivery
In this document we have looked at the challenges presented by the new era of Computing. Citrix enables enterprises to deliver any application, on any device, from anywhere through a mobile workspace. Looking forward, the pillars of our technical vision to reimagine the mobile workspace are:
- Harmonize all applications – Windows, web, SaaS or mobile – delivered to any device from a single platform, controlled by a single pane of glass.
- Empower self-service – Enable managers and employees to manage the life-cycle of all data, applications and devices – supported and protected by IT.
- Accelerate the adoption of cloud services – Empower every organisation to benefit from the capabilities of the public cloud – but also bridge the silo’s creating by cloud services, providing an engine for collaboration.
We believe that by focussing on these pillars, we’re enabling our customers to rethink their workplaces and workspaces. Work is something you do, not a place you go. This changes not only the design of our offices and workspaces, but that of our homes and cities, and ultimately the way we live. This is the Citrix Vision, empowering people to choose when, where and how work gets done, giving them a new level of freedom, flexibility and choice. Ultimately it is about creating new ways for people to work better.