Announcing Continuous Access Controls for real-time security with Workspace ONE...
source link: https://blogs.vmware.com/euc/2021/10/vmworld-2021-tunnel-continuous-access.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Announcing Continuous Access Controls for real-time security with Workspace ONE Tunnel
At VMworld 2021, we’re excited to announce continuous access controls for Workspace ONE Tunnel.
Continuous access is a key part of a Zero Trust strategy and is the next evolution from conditional access. One of the tenants of a Zero Trust security approach is that not only do you understand the full context around a user, device, application, network, and data, you also evaluate this on a continuous basis. If anything changes and goes outside of policy, access can be revoked immediately.
Today, Workspace ONE Tunnel can interrupt access to applications based on device trust as defined by the Workspace ONE Unified Endpoint Management (UEM) compliance engine. So, if a device ever goes non-compliant per company policy for any posture metrics such as OS version, firewall status, encryption, jailbreaking or the presence of untrusted apps, then Workspace ONE Tunnel will automatically break the connection, preventing unsafe access to enterprise applications.
Soon, Workspace ONE Tunnel will enable smarter app access by leveraging deeper security points. It will provide the ability to associate different policies with different apps and the ability to use Multi-Factor Authentication (MFA) as a remediation factor, delivering robust protection based on Zero Trust principles. Lastly, we want to enable security to be transparent to the user, so when a user’s access is interrupted, they will be notified and can self-remediate without help desk involvement. These continuous access capabilities are expected to be available soon.
Continuous access controls in action
In this morning’s Anywhere Workspace keynote with Shankar Iyer, we shared a demo of how continuous access controls for Workspace ONE Tunnel will work.
Imagine that an employee working from home logs in from a managed device into Salesforce (a highly sensitive application) and Slack (a less risky application). Based on the sensitivity of data involved, the company’s security team has set up different access policies for these applications, requiring different levels of device posture.
Next, while actively working in Salesforce and Slack, the employee decides to disable the firewall to print a document. The employee will immediately get a notification on the device indicating that the Tunnel session established with Salesforce has been blocked due to the detected change in firewall settings that no longer meets the access policy requirements. However, the Slack session is still active since it is a less risky application, with less stringent device posture requirements. As soon as the employee follows the provided remediation steps and re-enables the firewall, the device returns to the required posture for the session with Salesforce, and the session is restored.
In this example, Workspace ONE is constantly assessing the device posture and continuously enforcing policy for access to sensitive corporate data based on Zero Trust security principles.
Learn more
To learn more about Workspace ONE Tunnel, head to the following VMworld sessions and resources:
Read all our VMworld 2021 Anywhere Workspace and EUC announcements
Sumit Bahl
Sumit Bahl is a Senior Product Marketing Manager for the VMware Workspace ONE platform, working with customers and partners globally to deliver solutions that drive digital transformation.
Recommend
-
12
Integrating Workspace ONE UEM and Access with Okta – Many Miles AwaySkip to content
-
13
Federating Microsoft Azure with Workspace ONE Access and Office 365 – Many Miles AwaySkip to content ...
-
10
Setting up Workspace ONE Single Sign-on (SSO) and Conditional Access Workspace ONE Access as part of Workspace ONE, provides Single Sign-On (SSO) capabilities for iOS, Android, Windows 10 and macOS. The following guid...
-
4
...
-
9
In March 2020, Adobe launched the Creative Cloud for Gmail Add-on, giving creative teams the ability to seamlessly share their assets with external teams and businesses via Gmail. ...
-
6
...
-
5
Azure Databricks Access Controls and Row Level Security By: Ron L'Esteve | Updated: 2021-05-28 |
-
3
Announcing customized role-based access controls for SnykDaniel BermanJune 29, 2022We’re pleased to announce Snyk’s new role-based access management capabilities, providing admins with greater flexibility in...
-
8
Geetha Madhuri Bobbili August 9, 2023 5 minute r...
-
2
by Michael Nadeau Senior Editor ...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK