Announcing the technical preview of Citrix Access Control
Key Features: SSO to SaaS, web and Citrix virtual apps and desktops; web filtering to control user access to unsanctioned SaaS apps and the internet; cloud app control to manage access and data after the user authenticates to SaaS and web apps.
As enterprises embrace hybrid cloud, SaaS, and web apps, they face challenges ensuring a consistent end user experience, and guaranteeing security and compliance across their SaaS, hybrid, and multi-cloud application delivery environments. Citrix’s differentiated approach to security with secure digital perimeter (SDP) extends the perimeter into the cloud apps and across multiple devices and networks where business is conducted and workers are collaborating.
Enterprise IT teams claim users are connecting to anywhere from three to 20 and more SaaS apps to get their work done. Many of these apps are not sanctioned by IT or the business. IT has limited visibility and control on the information that gets stored in these unsanctioned SaaS applications. This behavior leads to two challenges: (1) How can IT and security teams control company information and intellectual property from being shared with or stored in unsanctioned apps? (2) How can an enterprise effectively apply controls to the actions of users once they have authenticated to a set of sanctioned SaaS apps?
While the traditional single sign-on (SSO) and Identification as a Service (IDaaS) solutions provide a great end user experience and a platform to define and enforce all access control policies in one place, enterprise IT and security teams are looking for more than just traditional SSO to enable better control of the access and use of SaaS and web apps. According to the Cloud Security Alliance, nearly 77 percent of SaaS-adopting enterprises have experienced SaaS-specific security incidents.
Recently, we announced the Citrix Gateway service which provides single sign-on (SSO) to SaaS, web and Citrix virtual applications. Today, we are taking a big step forward with our secure digital perimeter strategy. Citrix is announcing the technical preview for a new cloud service, Citrix Access Control (CAC), which builds on the SSO and multi-factor authentication (MFA) capabilities included in the gateway service to offer additional granular policy control for the access and use of SaaS and web applications. Together with advanced analytics based on user behavior analysis and their risk scores, CAC strengthens the overall security posture of delivering the secure digital workspace to the enterprise end users.
Laura Padilla, Head of Business Development and Channel at Zoom, a 2017 leader in the Gartner Magic Quadrant for modern enterprise video communications and a Gartner Peer Insights Customer Choice Awards, had this to say: “We bring teams together in a frictionless environment to get more work done. We’re excited to partner with Citrix for our mutual end users to benefit from an instant sign-in experience via Citrix Workspace SSO, allowing IT admins to gain more visibility and control with Citrix Workspace Analytics.”
Citrix Access Control enables IT and the security teams to better control and monitor company data in SaaS and internet applications. This helps strengthen compliance requirements for example, with the Children’s Internet Protection Act (CIPA), a federal standard to prevent school children or enterprise users from unwittingly visiting malicious websites.
In particular, Citrix Access Control provides the following benefits:
- Enhanced security and visibility for SaaS and web with the enhanced cloud app control capabilities
Enterprises can protect intellectual property and prevent it from falling in the wrong hands. Actions such as copy, paste, download, and watermarking pages, can be controlled for sensitive information and files.
- Monitor and control access to unsanctioned SaaS apps and the internet
IT and security admins can blacklist and whitelist URL categories to permit or deny access to websites and also monitor and take actions on usage of unsanctioned SaaS apps and internet sites.
- Multi-Factor Authentication (MFA) with support for Microsoft Azure AD and on-premises
The current Citrix Gateway service supports Microsoft Azure AD for MFA, as well as on-premises Active Directory for 2-factor authentication using native one time password (OTP). For more, please refer to the Citrix Gateway service announcement.
- Pre-configured application catalogs
Citrix Access Control supports well known SaaS apps (see below) in its out-of-the-box catalog. Admins can use pre-configured application templates to publish the apps and configure single sign-on policies.
Microsoft Office 365, Salesforce, GSuite, Slack, Zoom, Expensify, Workday
“We’re excited to work with Citrix on their new Workspace offering to save time and improve the experience for mutual customers,” says Jason Mills, Director of Sales and Success at Expensify. “Our joint customers will benefit from a seamless and unified user experience with secure access and SSO to Expensify along with all their other apps.”
Citrix Access Control together with advanced analytics enables IT and security teams to identify and prevent malicious user behavior. With risk indicators and criteria to help detect user anomalies when using SaaS applications, admins can configure the policy controls to quickly identify and alert IT about bad or risky user behavior. This lowers the risk of insider threats and enables IT to deliver a secure digital workspace.
Citrix Access Control helps enterprises that need to execute the following use cases:
- Require SSO and the ability to apply security controls on the use of SaaS
- Require control of user access and the usage of unsanctioned SaaS apps
- Require SSO support for XenApp and XenDesktop cloud service or for on-premises deployments
With the CAC service, XenApp and XenDesktop customers get unified experience and SSO across all application types. Because all the access and usage traffic will go through this service, CAC allows for end-to-end visibility and control over data in SaaS and web applications.
In summary, enterprises have become more susceptible to cyber-security risks as work becomes more distributed and employees use cloud apps without IT’s knowledge and consent. IT is increasingly uncertain about which SaaS and web apps are being accessed, or where sensitive data resides. Citrix Access Control alleviates such cyber-security concerns; it provides IT and security teams with policy controls they never had before for managing the access and use of SaaS, web and the internet sites.
How to access the Technical Preview for Citrix Access Control
If you are interested in test-driving the technical preview, please send in your request here. We are accepting requests, starting today.