At Citrix, we spend a lot of time thinking about secure access: how work has changed, how security expectations have changed, and how organizations are trying to keep up without slowing their teams down. We’re focused on solutions which simplify secure access, reduce complexity, and reduce the cost of operations.

One thing comes up again and again. While user access has become simpler, high privileged secure, administrative access often hasn’t.

Admins are still juggling VPNs, jump hosts, special devices, and one‑off workflows just to do their jobs. It works, but it’s rarely elegant—and it’s rarely aligned with how modern secure access is supposed to feel. Worse, it can expose the organization to security risks as these kinds of high-privileged users are often targeted by attackers, seeking to move laterally with privilege escalation.

Security should feel invisible when it’s done right

The enterprise browser has become the dominant application used at work. It’s where people access corporate web and SaaS applications. It’s now a control point and where policies are enforced. It’s where access decisions are made. It’s where data is secured.

Despite their highly privileged nature, admins need a better—but more secure—experience. From our perspective, admin access is simply another form of secure access, and it should benefit from the same design principles. By bringing admin access into the enterprise browser, we enhance security and remove unnecessary friction without removing control.

Today, we’re announcing that we’ve extended Citrix Secure Access with Chrome Enterprise beyond secure web and SaaS application access to include browser‑based access for common admin protocols like RDP and SSH. It’s available now with Chrome Enterprise Premium.

Why browser‑based admin access matters

With this capability, admins no longer need to:

  • Switch contexts between tools
  • Rely on network access methods which provide excessive access, such as VPN
  • Treat admin sessions as something “separate” from the rest of secure access

Instead, admin access becomes consistent with everything else. Because administrative access is delivered through the enterprise browser, the same security controls used for other browser‑based access can be enforced during SSH and RDP sessions. This includes applying data loss prevention (DLP) policies to privileged sessions, helping reduce the risk of data exfiltration at the endpoint.

At the same time, admins can launch the access they need directly from the browser they already use without learning new workflows or managing extra software. Security teams can be confident that admin access is governed by the same secure access framework they rely on elsewhere.

There’s no tradeoff between usability and control.

To get more detail on how this works, watch our demo video and check out our deeper technical walkthrough on Tech Zone.