Blog

Amazon WorkSpaces and deviceTRUST:
Better together!

deviceTRUST supports WSP and the related SDK for Amazon WorkSpaces and AppStream from day one! Read here how you can use deviceTRUST with Amazon WSP to make your remote desktops and apps even more secure!

Introduction

With the new Amazon WorkSpaces Streaming Protocol (WSP) , Amazon brings its Amazon WorkSpaces and AppStream technologies to a new level. WSP is more secure and faster than earlier access protocols and offers a 3rd party integration API with rich capabilities.

deviceTRUST: Zero Trust for your digital workspaces

deviceTRUST is the leading solution for context-based security for digital workplaces. With deviceTRUST, you can easily, permanently, and individually determine the properties of end-user devices. Based on this information, you can secure your digital workplaces. In the spirit of the premise “Never trust, always verify!”, you achieve more security and increase your level of maturity in your journey towards “Zero Trust”!
deviceTRUST provides IT administrators with comprehensive visibility into devices connecting to resources and enables you to enforce security policies. Control access to your digital workplace based on multiple factors such as device security, network connection, location, and more!

Amazon WSP: Advanced Remote Visualization

Amazon WorkSpaces Streaming Protocol (WSP) is a highly flexible and scalable remote desktop protocol used in both Amazon WorkSpaces and Amazon AppStream. It enables users to securely access desktops and applications hosted in the Amazon cloud, providing a seamless and high-performance user experience regardless of device or location.
WSP has supported deviceTRUST as a launch partner since the initial release in 05/2023. You can deploy your workspaces and apps even more easily and securely through this collaboration.

Integration Benefits

The integration between deviceTRUST and Amazon WSP offers several key benefits for organizations:

1. Enhanced Security: By combining the device visibility and control features of deviceTRUST with the secure remote access capabilities of WSP, organizations can ensure that users can only gain access to sensitive data and applications from authorized devices. deviceTRUST provides real-time endpoint checks and enforces security policies, minimizing the risk of unauthorized access.

2. Enhanced user experience: WSP already provides a seamless and responsive remote environment. By integrating deviceTRUST, organizations can further optimize the user experience by tailoring the remote desktop environment to specific device capabilities and user preferences. This ensures that users have the resources they need to perform their tasks, increasing productivity and satisfaction. deviceTRUST’s security checks only interfere with the user’s work when an undesirable condition is detected.

3. Compliance and auditing: deviceTRUST provides detailed visibility into endpoint properties so organizations can ensure compliance with industry regulations and security standards. Integration with WSP extends these compliance and auditing capabilities to your remote desktop and app environment, allowing you to track access and actions and ensure compliance with data protection regulations.

Example

Amazon WSP provides granular control over virtual channels. This lets you control which local resources users can utilize inside the remote session Configuring NICE DCV authorization – NICE DCV (amazon.com).
deviceTRUST enhances this concept by allowing you to implement the controls automatically, device-related. For example, you can easily control that only users who access the session from secure devices can use clipboard redirection. Or you can prohibit taking screenshots when users use non-company devices for accessing your digital workplace.
In this example, we show controlling the clipboard based on the “security state” context, i.e., the information whether a user is accessing from a device classified as “protected” or not.
We use a configuration that has been part of our product since version 23.1: “Conditional Configuration – AWS DCV Settings – Security State.” The built-in template contains everything you need to control clipboard redirection for your WSP-based user sessions. Based on the device’s security status (e.g., firewall, antivirus, patch status), deviceTRUST manages the WSP settings instantly.

Our video shows the use case from the user’s point of view:

Vimeo

By loading the video, you agree to Vimeo’s privacy policy.
Learn more

Load video

Conclusion

Integrating deviceTRUST and Amazon WSP brings together powerful security and remote desktop access capabilities. By combining the visibility and control features of deviceTRUST with the highly efficient remote access of WSP, organizations can ensure that only authorized devices and users can access their sensitive data and applications. In addition, this integration improves the user experience by tailoring the remote desktop environment to the capabilities and preferences of the devices.

About the Author:

Sven Jansen

PreSales Manager

Sven is the link between customers, partners and our deviceTRUST team. As the person responsible for pre-sales, he is the contact person for demos, questions and suggestions, as well as support during the implementation and use of deviceTRUST.