In previous posts in our business continuity and Citrix ADC series, we discussed the following five objectives for business continuity and the importance of considering them all to ensure business success:
- Ensure workforce productivity, application availability, and end-user experience
- Scale IT infrastructure during unforeseen demand
- Respond faster to restore application performance
- Maintain visibility and control
- Remain secure and compliant always
We’ve examined the first four objectives — maintaining application availability, scaling IT infrastructure, why rapid response is crucial in business continuity, and maintaining visibility and control. In this final post, we will look at the importance of security and compliance in business continuity and how Citrix ADC and Citrix Application Deliver Management can help.
The security of a business and its applications is always crucial. During a crisis there must be extra vigilance because the business is already more vulnerable. Maintaining security prevents a crisis from becoming a disaster and ensures a business is still trusted by its employees and customers.
You are more vulnerable to cyberattacks during unforeseen events, but to maintain productivity during a crisis, you must provide application access to users from home or other environments. Frequently this also means users will use non-corporate machines over which you have little control. Similarly, access to customer applications may well increase as online interactions rise. This means that the IT department is tasked with maintaining application availability and delivering the best experience to employees and customers. With attention diverted to tackle these issues, it’s all too easy to let security standards slip and let hackers penetrate your systems.
During unforeseen events, there is an undeniable, and more pressing, need to protect remote access as well as the apps themselves. Additionally, you must know that applications, data, and resources are secure and meet corporate and regulatory guidelines.
You need a business continuity plan that addresses all these challenges and ensures your users and apps are protected. Let’s take a look at how Citrix Application Delivery Controller (ADC) and Citrix Application Delivery Management (ADM) can help you secure your workforce access, productivity applications, and customer transactions.
Secure, Contextual Remote Access to all your Apps
You first priority is to get your workforce back to being productive. This sometimes means your employees will be working from home or some other convenient place. You must provide remote access, and you must do it securely.
Citrix ADC integrates secure, contextual remote access capabilities for all your applications. Access to Citrix Virtual Apps and Desktops is secured via ICA Proxy. Clientless, and full SSL VPN capability is integrated into every Citrix ADC device and can be used to access web, mobile, and SaaS applications from any device.
Full endpoint analysis (EPA) is available to inspect devices for compliance with your security standards both before and after authentication and periodically throughout the session. This ensures that your users can be given access to applications while protecting the applications and other users from cyber threats.
Citrix ADC has a fully-fledged AAA module built in to handle authentication, authorization and accounting of users and their actions when they access applications. With Citrix multi-factor authentication, you can even build variable authentication policies that are contextual to the type of access. For example, if a user is accessing apps or data from a corporate office you might only need to request their user name and password. If they are accessing from a remote location then you might want to add other methods of authentication like a one-time password.
Always-on, Holistic and Layered Protection for Apps
Citrix ADC adopts a holistic and layered approach to application security, offering comprehensive protection from attacks at L3 to L7 for all your apps — monolithic and microservices-based alike. A variety of techniques such as access control lists, fully integrated web application firewall (WAF), bot management, and API protection are augmented with best-in-class SSL/TLS encryption performance andd deep analytics, which all serve to bring you holistic protection that will secure your applications during an unforeseen event as well as during normal operations.
Consistent Security Posture Across Multi-cloud
It’s vital that your business works with a consistent security posture across their deployments. When you have to migrate workloads to a new cloud during a disruption, you need to keep it secure.
A single code base across the Citrix ADC portfolio brings operational consistency to all form factors and across all the public and provide cloud deployments. This means that security policies are portable and you can ensure a consistent security posture across your applications wherever you need to deploy them, even during a disruption. With Citrix, all security policies can be deployed and controlled from a single pane of glass in the cloud, so they’re always accessible and available.
Built for Governance and Compliance
Citrix ADC and ADM not only ensure that you can maintain a consistent security posture, but also that you can demonstrate it. The comprehensive visibility available from Citrix ADM enables you to prove that you are in line with your corporate policies always.
Citrix ADM will alert you to any config drifts automatically, including those that might violate security policies. For example, through Citrix ADM’s SSL/TLS dashboard you can define which SSL protocols, ciphers, key strengths, certificate issuers, and more are acceptable for your deployments and then enforce and monitor against application access. This ensures that during any unforeseen event, when you need to set things up quickly, your admins can’t accidentally leave a hole in your security posture through which bad actors can come in or sensitive data can escape.
Citrix ADC has all these capabilities and much more across the entire ADC portfolio. This enables you meet your security needs whether you deploy your applications on premises or in the public cloud. There is even a range of Citrix ADC FIPS certified devices (physical and virtual) to ensure you remain compliant with your security requirements.
The single platform approach with a single license (Premium) to enable all this functionality means that you can always be confident that your applications and infrastructure are protected during any business disruption.