Contact us

 

Want to see how deviceTRUST’s technology can help enhance your physical or virtual environments with easy to consume context from your users and their endpoints?

Contact

Comprehensive Customer Scenarios

Check out the following customer scenarios and see how deviceTRUST’s contextual security solution can be used to easily enable business requirements without compromising security, compliance and regulatory requirements.

Home Office

Compliance Check

Compliant Backend Access

External Partners

Bring your own Device (BYOD)

Location-aware Printing

License Compliance

Compliant Application Access

Meeting Room

Silo Optimization

Unauthorized USB Drives

Dynamic Policies

Home Office

 

Requirements

  • Employees must be able to work from their home office with unrestricted access to all necessary applications, identical to when they are working within the corporate network.
  • However, employees access their virtual workspace environment from external locations, and IT have no information of where their employees are located.
  • This results in a high security and compliance risk for the company since the role of the employee within the company is not sufficient to control access to the virtual workspace and applications.

 

Solution

With deviceTRUST’s contextual security, companies can provide home office access that meets all IT security, compliance, and regulatory requirements:

  • The deviceTRUST Compliance Check basically ensures that all existing IT security and compliance requirements are met. This includes, for example, the status of security components such as firewall and antivirus, but also the networks used and the country from which access is being made.
  • Optionally, deviceTRUST can validate the employee’s home office if necessary. This ensures that employees can only access their virtual workspace from validated environments, such as their home office or company. Unauthorized access, even with stolen access data, is thus securely prevented.

External Partners

 

Requirements

  • Employees of external partners and suppliers should have access to applications and resources that are provided in the virtual workspace of the company.
  • Depending on the classification and confidentiality of the data within the applications, the corresponding security, compliance and regulatory requirements must be met during access.
  • The devices are unknown to the company’s IT department, and apart from the role of the user, no further information is available that would enable applications and resources to be made available to external partners in accordance with the specifications.

 

Solution

With deviceTRUST’s contextual security, companies have the possibility to make applications and resources available to external partners via the virtual workspace in accordance with the specifications:

  • deviceTRUST enables a compliance check of the device used by employees of external partners without having to manage these devices. This means that access is only permitted if the device meets all security and compliance requirements.
  • This compliance check can be individually adapted to the various requirements of the company. Information about the used device, the used network connection and the location is available.

License-compliance

 

Requirements

  • Enterprise applications that are licensed per device (e.g. Microsoft Project or Microsoft Visio) are made available on virtual workspaces for a dedicated group of users.
  • It is necessary that the license conditions of the respective vendor are adhered to and that the respective applications can only be used if the user uses a licensed device.
  • Since the device used by the user cannot be uniquely identified in virtual workspaces, it cannot be guaranteed that users can only run these applications in the virtual workspace with licensed devices.
  • This means that it is not possible to use the applications in accordance with the license or only at great expense.

 

Solution

With deviceTRUST’s contextual security, companies have the possibility to make device-based applications available via virtual workspaces in accordance with the license:

  • deviceTRUST makes it possible to uniquely identify devices when they access the virtual workspace.
  • Based on this identification, access to the application is permitted or prevented in accordance with the license.
  • The license-compliant application usage is logged in an audit-proof manner.

Silo Optimization

 

Requirements

  • Users access their virtual workspace from different locations. This includes access from within the company as well as from outside while travelling or from the home office.
  • The existing security, compliance and regulatory requirements stipulate that individual applications within the virtual workspace may only be used for access from certain scenarios, e.g. within the company.
  • Here, the role of the employee is not sufficient to provide the correct applications and resources for the respective access scenario.
  • A common workaround is to build multiple application silos for each access scenario. The user must therefore connect to the correct virtual workspace depending on the situation.
  • This leads to increased administrative effort and costs and a poorer user experience.

 

Solution

With deviceTRUST’s contextual security, companies have the opportunity to drastically reduce the number of application silos:

  • deviceTRUST enables companies to easily allow different access scenarios within one virtual workspace application silo.
  • This leads to significantly lower operating costs of the virtual workspaces and reduced administration effort.
  • Users only connect to one virtual workspace regardless of their access scenario. In doing so, all security, compliance and regulatory requirements continue to be observed.

Compliance Check

 

Requirements

  • Companies enable their users with different devices to access their virtual workspace in order to work productively with their applications and resources.
  • Users should be able to use devices which are managed by IT, and also devices unknown to IT.
  • Since only the role of the user is known during access, but no information about the status of the device in use is available, access to the virtual workspace cannot be guaranteed to comply with security and compliance requirements.

 

Solution

With deviceTRUST’s contextual security, companies can make applications and resources available to their users via the virtual workspace in accordance with the specifications:

  • deviceTRUST enables a compliance check of the device used when users access the virtual workspace, but without having to manage these devices. This means that access is only permitted if the device meets all security and compliance requirements.
  • This compliance check can be individually adapted to the various requirements of the company. Information about the used device, the used network connection and also the location is available.

Bring Your Own Device (BYOD)

 

Requirements

  • Companies enable their users with private devices to access their virtual workspace in order to work productively with their applications and resources.
  • Since only the role of the user is known during access, but no information is available about the status of the device used, access to the virtual workspace in accordance with security and compliance requirements cannot be guaranteed.

 

Solution

With deviceTRUST’s contextual security, companies can enable their users to securely access the virtual workspace with private devices:

  • deviceTRUST enables a compliance check of the used device to be carried out when users access the virtual workplace environment without having to manage these devices. This means that access is only permitted if the device meets all security and compliance requirements.
  • This compliance check can be individually adapted to the various requirements of the company. Information about the used device, the used network connection and the location is available.

Compliant Application Access

 

Requirements

  • Many industries, such as healthcare, insurance, government, and finance, have strict compliance and regulatory requirements for accessing virtual workspaces and the applications available within them.
  • These regulations clearly define which applications may be used in which access scenarios.
  • For example, it must be possible to differentiate between internal and external access, access from different countries, network security or the device used.
  • The role of the user is not sufficient to implement these requirements according to the specifications.

 

Solution

With deviceTRUST’s contextual security, companies can implement access to applications within the virtual workspace in accordance with compliance and regulatory requirements:

  • deviceTRUST makes it very easy to provide different access scenarios within a virtual workspace.
  • The control of application access is not only carried out during login and reconnection, but also during the session runtime.
  • The application usage is logged in a compliant and audit-proof manner.

Unauthorized USB Drives

 

Requirements

  • Users of the virtual workspace must be able to exchange files with a USB memory stick plugged into their device.
  • However, for security reasons, this data transfer may only be carried out with USB memory sticks that are authorized by the company.
  • Within the virtual workspaces there is no standard option to allow the use of dedicated USB memory sticks from defined manufacturers only.

 

Solution

With deviceTRUST’s contextual security, companies have the option of only releasing authorized USB memory sticks to users within the virtual workspace:

  • deviceTRUST enables the unique identification of a USB memory stick by using the characteristics of the USB memory stick (e.g. manufacturer ID, product ID and serial number).
  • This unique identification of the USB memory stick enables dynamic access control at any time, both in the virtual workspace and on the local device.

Compliant Backend Access

 

Requirements

  • The administration and maintenance of central IT systems, such as databases, file servers or mail systems, is carried out by company employees or external service providers.
  • The systems are usually accessed via a Microsoft RDP remote connection that is established from various devices.
  • With Microsoft RDP remote connections, there is no information available about the used device, the security status of the device, the used network connection or the location of the administrator.
  • Since these are mission-critical systems, access must always be made according to the security and compliance requirements of the company.

 

Solution

With deviceTRUST’s contextual security, companies can grant administrators and external service providers fast and cost-efficient access to backend servers while complying with all security requirements:

  • deviceTRUST enables administrators to perform a compliance check of the devices used without having to manage these devices. Access is only granted if the device meets all security and compliance requirements.
  • This compliance check can be individually adapted to the various requirements of the company. Information about the used device, the used network connection and the location is available.

Location-aware Printing

 

Requirements

  • Printing in virtual workspace environments still poses a great challenge, because employees work on different devices and locations within the company building.
  • For employees, the default printer is defined based on their role. Documents are therefore often not printed on the printer closest to the employee.
  • As a result, the employee does not receive the required document, and documents containing personal data may be printed on the wrong printer.

 

Solution

With deviceTRUST’s contextual security, companies have the option of defining both the available network printers and standard printers within the virtual workspace according to the location of the end device:

  • deviceTRUST enables the location of the device to be clearly identified when accessing the virtual workspace.
  • Based on this identification, the available network and default printers are dynamically defined when logging on and reconnecting.
  • Users therefore always use the nearest available printer.

Meeting Room

 

Requirements

  • To secure the virtual workspaces, screen savers are activated within the user sessions after e.g. 10 minutes of idle time.
  • If a user is in a meeting room, the activation time for the screen saver is very often too short, because, for example, longer discussions are held with the participants during a presentation. The user is forced to unlock the screen saver by entering a password during the meeting.
  • In virtual workspaces today, there is no possibility to dynamically adjust the activation time of the screensaver.

 

Solution

With deviceTRUST’s contextual security, companies can dynamically adjust the activation period of the screensaver according to the location of the device:

  • Users now dynamically receive a screensaver configuration within the virtual workspace that meets their requirements.
  • At the same time, the company’s security requirements are still met.

Dynamic Policies

 

Requirements

  • In local and virtual workspaces, policies from different vendors, such as Microsoft, Citrix and VMware, are used to manage the user environment.
  • These policies are used to control settings for screen savers, session idle time, availability of local drives and printers in the user’s virtual workspace, for example.
  • The setting of these policy settings is mainly static based on the group memberships of the user, and no longer meets today’s requirements of a dynamic working method of the user.

 

Solution

With deviceTRUST’s contextual security, companies can dynamically adapt policy settings in local and virtual workspaces to the user’s current requirements:

  • In the virtual workspace, the screen saver is only activated if the device does not meet the requirements for a secure screen saver.
  • The session idle time for disconnecting or logging off a user session can now be defined dynamically based on the location of the device and the user.
  • Local resources, such as drives and printers, can only be used in the virtual workspace if, for example, the used device is managed and secured by the company. Non-company devices can still be used, but local resources are not available.