Akshay Kakar, Principal Product Marketing Manager at Citrix, contributed to this blog post.

Cyberattacks should be a concern for everyone — businesses, government organizations, and consumers. Among the targets threat actors focus on as they search for weak links are third-party contractors.

Why?

Third-party service providers are often given wide access to the organizations they support. Breach an organization’s infrastructure through an (often) insecure third-party contractor’s endpoint, and a threat actor can access sensitive data and critical resources. Many IT organizations don’t have the tools or processes to enforce customized security policies on contractors without affecting their ability to get work done. Even large, security-first organizations can be vulnerable to these types of attack vectors.

Citrix is uniquely positioned to protect application access for your organization — virtualized apps within desktops as a service (DaaS), non-virtualized IT-managed apps, and public SaaS. This is regardless of who is trying to access the apps — employees or contractors — and even if the access attempt is from personal or BYO devices that cannot have a software agent installed on them. In this blog post, we’ll look at how Citrix can help you protect your third-party service providers and your organization from bad actors.

Protect Contractor Access with Citrix’s Zero Trust Solutions

With Citrix’s zero trust capabilities, available for virtualized apps with Citrix DaaS and for non-virtualized IT-managed apps with Citrix Secure Private Access, you can grant “just-enough” app access to third-party contractors, allowing access only to the resources they need. End users get seamless access to all the resources they need on the devices of their choice, while cybersecurity teams can enforce zero trust security policies for DaaS and non-DaaS apps, all through a single vendor.

You can configure adaptive authentication to be dependent on broad and deep endpoint analyses, as well as identity validation through a native or third-party MFA solution. And because access is segmented (so no access to the entire organizational network), even if an infected endpoint requests access, lateral movement of threats can be mitigated.

Unlike competing solutions, Citrix’s technology includes app protection capabilities that add security policies beyond typical ZTNA controls. These policies offer a critical layer of defense against threats such as social engineering, phishing, key logging, and screenshot malware for corporate resources accessed on Windows, Mac, or Linux, through managed or unmanaged devices.

For example, keyloggers and screen scraping malware can enable bad actors to use stolen credentials to gain initial access. When present on a device, keylogging malware captures each key stroke entered by the user, including user names and passwords. Screen scraping malware takes periodic snapshots of the user’s screen, saving it to a hidden folder on the device or directly uploading it to the attacker’s server.

To counter these tactics, Citrix’s app protection policies work with the underlying operating system to ensure that threat actors only receive scrambled, undecipherable keystrokes (in the case of keylogger malware) or a blank screen (in the case of screen-scraping malware). Citrix’s app protection functionality can be applied at a granular level, based on the context of use. (This feature is currently in preview). For instance, for contractors coming through the external network, the IT admin team can enforce additional app protection controls and bypass the app protection controls for employees coming through the internal network.

Check out the video below to see Citrix’s app protection capabilities in action.

A third-party cybersecurity breach can mean millions of dollars in lost revenue, remediation costs, reputational risk, and potential regulatory fines. The per capita cost of a breach goes up by $16 per record when a third-party service provider is involved, so ensuring your contractors and others are secure is critical for your organization.

Get Started Today

Citrix DaaS and Citrix Secure Private Access with their ZTNA and app protection capabilities are available today to help protect you against a breadth of use cases. These are easy upgrades and/or extensions if you already have deployments of Citrix Virtual Apps and Desktops. Connect with someone from our team to discuss your needs.

We have also recently launched a preview for local app protection, which extends app protection policies to local applications on Windows devices. Local app protection capabilities will be integrated with Citrix Workspace app, so no additional agent is necessary. This feature will be part of the app protection entitlement when it is generally available.

Interested in participating in the preview? Submit your request today.


Disclaimer: The development, release and timing of any features or functionality described for our products remains at our sole discretion and are subject to change without notice or consultation. The information provided is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making purchasing decisions or incorporated into any contract.