We’ve all heard the alarm bells ringing — organizations around the globe are suffering from a cybersecurity talent gap. While this is a great opportunity for our future leaders, organizations need to cope with the demands of increased cyber threats. What to do? To hire or to reskill? In a recent Fieldwork by Citrix article, How security automation and reskilling programs can support today’s technology workforce, Kurt Roemer, Chief Security Strategist at Citrix, delves into the steps to take to retrain and reskill IT professionals for security roles. While it can cost six times as much to hire security talent from the outside rather than build skills from within, it is also essential to understand that it is not possible to convert IT staff overnight into highly skilled security resource. This is where automation, analytics, and machine learning play a vital role in security — even for seasoned IT security professionals.

The complexity of the security ecosystem, the number of vendors, and broad threat surface make it very complex even for seasoned IT teams to appropriately manage all aspects of enterprise IT security. Organizations need to simplify, consolidate and automate wherever possible — and the IT solutions they invest in need to enable this by providing an extensible platform. Citrix’s secure access solutions support this security platform by protecting users and sensitive corporate data. Citrix Secure Workspace Access, Citrix Secure Internet Access, and Citrix SD-WAN provide complete access and a security stack supporting organizations looking to deliver zero trust and SASE compliance.

Zero trust is achieved by implementing a framework or a collection of products with zero trust principles built in and integrated into a collective approach to achieve business outcomes.

If you are a Citrix customer, your current platform can simply be extended to support zero trust. If you are not a Citrix customer today, Citrix Secure Workspace Access can also serve as the basis for your zero trust framework.

These are the main features of Citrix Secure Workspace Access:

  • VPN-less — Bad actors utilize many attack vectors. A reasonably common target is leveraging known vulnerabilities in VPN solutions to gain full access to internal networks. VPN-less access provides access to internal applications utilizing only outbound connections, segmenting applications. All connectivity is outbound from the datacenter to the users, without even a firewall port opening. Other benefits include reduced management complexity, reduced attack surface, reduced traffic backhauling, and more. (Learn about the end of zero-day VPN attacks with zero trust.)
  • Single Sign-On and Multi-Factor Authentication (MFA) — Password spraying and credential stuffing are common types of attacks used to access critical systems. Citrix Secure Workspace Access offers MFA policies integrated with SSO. If your organization already has an enterprise or cloud-based SSO provider, you can integrate into Citrix Secure Workspace Access to extend security policies and contextual access.
  • Security Policies — Citrix Secure Workspace Access enables IT to implement security controls to applications to prevent data exfiltration. This includes policies to restrict copy/paste/print/download/navigation and the addition of digital watermarking to identify sensitive content and thwart malicious usage.
  • Contextual AccessCitrix Analytics integrates with Citrix Secure Workspace Access to provide continuous monitoring and risk assessment. This continuous monitoring identifies inconsistent and suspicious activities, providing insights into behavior across identity, devices, locations, networks, applications, and files.
  • Unified Application Access — Citrix Workspace is an OS-native (Windows, MacOS, iOS, Android, Linux, Chrome, etc.) application that provides a unified and cohesive view into all corporate applications (internal web, SaaS, VDI, and files), ensuring every employee has access to the applications they need to get their work done. It natively integrates with all security features in Citrix Secure Workspace Access.
  • App Protection Policies — Citrix Secure Workspace Access incorporates a secure embedded browser capable of applying stringent security with advanced capabilities for protecting corporate data from keyloggers or screenshot malware, in addition to extending security policies and contextual access to further protect browser-based applications.
  • Secure Browser Service — Enterprises want to ensure that even internal corporate applications being securely accessed via a VPN-less solution are not leaving any sensitive information (PCI, PHI, PII, etc.) on users’ devices even after the application is long closed. Citrix Secure Browser service, a secure browser hosted in Citrix Cloud, enables users to navigate the web and apps securely without introducing risk to the corporate environment. Threats that would otherwise be introduced by visiting malicious websites are instead isolated off the corporate network and devices. The browser is stateless and discarded at the end of each session, ensuring that any malicious software encountered while browsing the web never reaches your corporate infrastructure.

In addition to Citrix Secure Workspace Access, Citrix Secure Internet Access provides a cloud-delivered, comprehensive security service for protecting direct internet access to internet and SaaS applications. Citrix Secure Internet Access includes firewall, Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), malware protection, data loss prevention (DLP), and sandboxing.

Secure Internet Access is intended to protect users from insecure websites, prevent the infiltration of user devices with malware, and prevent exfiltration of important data, such as credit card or Social Security numbers.

While multiple solutions on the market offer related functionality, the ability to analyze and combine contextual data across all these services and capabilities make Citrix Secure Workspace Access a must-have tool. Moreover, when combined with contextual access, the work of managing security policies can be automated with rules, all managed in Citrix Cloud.

Security reskilling has to be done not only for IT but for all employees who need to be educated on how to avoid threats that may compromise the organization. IT, specifically, has a much bigger role to play in securing the organization, managing and monitoring all the possible attack vectors.

However, there’s a bigger role CISOs must take on in simplifying the IT security stack because operating with numerous vendors and tools is simply not scalable. Scalable security requires a scalable platform for supporting workspaces, infrastructure, applications, and content.

While Citrix Secure Workspace Access secures and simplifies access to corporate applications and data, Citrix Secure Internet Access is the perfect solution to protect distributed employees against a variety of internet threats — and in Citrix style, and it is also managed through Citrix Cloud, reducing the number of tools and vendors.

Learn more about Citrix Secure Workspace Access and Citrix Secure Internet Access; read our Fieldwork by Citrix article on security automation and reskilling; and find out why Citrix Workspace is a better choice than VPN for today’s remote workforce.