Home > Secure your Digital Perimeter

Securing Hybrid Work With DaaS: New Technologies for New Realities

According to a recent Gallup poll, 53% of organizations plan to support hybrid work in 2022 and beyond, and about half of the U.S. workforce believes they can do their job remotely.1 This marks a fundamental change in the nature of work, one with tremendous implications for cybersecurity.

The platforms that support remote work, such as desktop as a service (DaaS), must evolve to meet new security demands. Organizations that do not fully secure remote workers, applications and data are not protected. They need to implement granular access policies that don’t give unfettered access to each worker. Such a least-privilege approach also simplifies meeting compliance and risk frameworks by reducing the number of workers who have access to sensitive information—and the types and amount of data governed by directives continue to increase.

DaaS also provides more protection across the wide range of connected devices that will be common in hybrid work scenarios. Devices on organizations’ networks will proliferate to the point that it is impossible to ensure that every worker is accessing corporate resources only with a business-owned system that has a fully up-to-date security stack. Indeed, hybrid work will usher in a wide range of devices that utilize only basic and relatively unsecured connections, and that will increase the organization’s attack surface.

Building Bigger Fences Isn’t the Answer
DaaS represents a fundamentally better design approach to securing hybrid work. The traditional response to threats was to “build bigger fences,” meaning more and better firewalls and other technologies that guard the network perimeter. The first problem with that legacy approach is that attackers keep creating new types of exploits that easily go around the fences, making lateral spread of attacks hard to stop. The second problem is that with hybrid work, the perimeter no longer exists. And bolting on security or adding point products for each new threat has real limitations.

A better approach is to use a DaaS platform that has security designed in from the start, with protection technologies that work together to provide defense in depth. DaaS also limits any breaches to a very small subset of the data or infrastructure and helps stop lateral spread. This simplifies containing and remediating any security event. An important additional benefit of a DaaS platform is that it ensures consistent deployment of a holistic security stack. The ability to demonstrate that cyberdefenses are in place across the user base is a primary requirement of many compliance regimes.

Citrix DaaS Is a Secure Platform That Supports Hybrid Work
Citrix DaaS is designed to meet the challenges posed by the latest wave of cyberthreats. It provides a secure platform with new and enhanced defenses beyond simply trying to keep the bad guys out. Key features include:

  • Protection for non-corporate devices: When employees work from home, they prefer using their own devices. Unfortunately, those devices rarely meet corporate security standards. With Citrix DaaS, workers access the network via a secure browser to isolate each session and ensure that browser-based attacks cannot penetrate corporate infrastructure. Citrix DaaS also supports the zero trust framework to protect against malware, malicious URLs and keyloggers.
  • Citrix Analytics for Security: This feature can help organizations improve security by protecting employees and corporate assets with intelligence derived from Citrix data across products. Citrix Analytics for Security uses models that employ artificial intelligence and machine learning to build dashboards and reports that provide essential visibility and threat intelligence. 
  • Application and API security: More than 90% of IT vulnerabilities are application based rather than network based. Many new attacks focus on vulnerable APIs and application code. Citrix DaaS has layered protection for apps and APIs with web application firewalls, bot management and protection against distributed denial-of-service attacks.
  • Adaptive authentication: Citrix Secure Private Access allows organizations to determine whether a device is managed or BYOD, what the user’s location is and the user’s risk score. The admin then knows, based on that data, how the user is authenticated and what privileges they have. Citrix provides real-time data and logs that identify who has logged in and when, enabling admins to spot anomalies and suspicious usage patterns.

Securing a hybrid work environment requires something much more sophisticated than a VPN solution. Organizations need to protect themselves from many new attack vectors. Further, security policies need to be implemented based on the needs of the users, not in a general fashion. Protecting against application vulnerabilities requires new technologies to stop widespread breaches via app or API attacks. Citrix DaaS provides this level of protection and much more. For more information, please go to: (CALL TO ACTION).

1The Future of Hybrid Work: 5 Key Questions Answered With Data,” Gallup, March 15, 2022

Virtual Desktop