Extending the consumer simple, enterprise secure Workspace ONE access control experience to a broader set of applications unifies application management across application types
VMware introduced updates to the industry-leading VMware Workspace ONE solution. The Workspace ONE solution integrates application and access management, unified endpoint management (VMware AirWatch), and virtual application delivery (VMware Horizon) to help organizations evolve silo-ed cloud and mobile investments, enabling all employees, devices and things across the organization to accelerate their digital transformation journey with a platform-based approach.
“As the benefits of digitization extend across the organization to include a broader set of employees and endpoints, there is an urgent need to break down technology silos and tackle shadow IT by standardizing on a digital workspace platform”, said Noah Wasmer, senior vice president, mobile products, End-User Computing, VMware. “VMware Workspace ONE™ is the industry’s only integrated platform to deliver contextual access to all applications while delivering best-in-class endpoint management with market leading AirWatch.”
To accelerate adoption of digital workspaces, VMware is simplifying the experience for both IT and end-users with its award-winning Workspace ONE solution. Building on the Workspace ONE innovations, VMware will make it easy for IT to deliver unified access and single sign-on experience to Intranet applications that use Kerberos certs or HTTP headers, and will offer richer conditional access capabilities that combine real-time security hygiene with compliance automation. Updates to the market-leading AirWatch Unified Endpoint Management™portfolio will enhance support across OS platforms for mobile (iOS, Android), desktop (Windows 10, macOS), purpose-built (ruggedized) and IoT endpoints to simplify provisioning and end-user onboarding. Lastly, updated Workspace ONE pricing and packaging will make it easier than ever for customers to evolve their current investments into a broader, more comprehensive end-user computing environment that spans all applications, end-users and endpoints.
The proliferation of applications and unsecured BYO devices accessing work data has made it difficult for IT to maintain security compliance and regulations while ensuring end-user productivity. Current technologies and solutions only focus access control on specific attack vectors (cloud, network, endpoint) but do not unify the access control perimeter across all applications and endpoints. Unlike other approaches, Workspace ONE combines identity and enterprise mobility management (EMM) to help organizations securely access all business applications and services with an improved end-user experience.
Key highlights of newly introduced access management and security capabilities in the solutions include:
- Extending One-touch Mobile SSO Across Applications with Unified Access Control – The updated Workspace ONE solution will enable a new single control plane across cloud, native and intranet applications. Using the new VMware Unified Access Gateway with Kerberos delegation capability, end-users can access intranet applications using device biometrics and certificates securely stored on the device to experience seamless single sign-on.
- Multi-Factor Authentication (MFA) with Apple Watch – Secure MFA can be extended to the Apple Watch to enable end-users to authenticate their identity right from their wrists, taking advantage of mobile moments for increased productivity.
Workspace ONE also helps eliminate silos of multiple cloud and on-premises client management tools for mobile devices and desktops by providing a holistic, user-centric approach using AirWatch Unified Endpoint Management (UEM). This unified approach can help improve the end-user experience, enhance security, and reduce the cost and complexity of managing endpoints over traditional methods.
Key highlights of new Unified Endpoint Management capabilities include:
- Expanded Support for Windows 10 – AirWatch Unified Endpoint Management will offer new capabilities for granular OS update controls that overcome the challenges of off-network patching and the rigidity of the new Windows Update as a Service branches. A new dashboard will provide real-time visibility into installed patches for compliance and reporting. Advanced BitLocker management capabilities will enable hands-free data protection at rest and unauthorized access to company data without the need for any additional third-party encryption management tools. New integration with Windows Store for Business will offer online licensing, making it easier for IT administrators to deploy any Windows Store applications from a customized Workspace ONE company store catalog.
- Simple and Secure Android for Enterprise – AirWatch Unified Endpoint Management will help strengthen Android adoption in the enterprise by delivering a turnkey end-user experience while streamlining the setup and security of applications and devices for IT. Organizations will be able to easily onboard devices into a work managed mode and streamline application deployment with tighter Google Play integration and automate application permissions and configurations for end-users. Additional app-level password policies will enable sensitive business applications with added security and meet two-factor authentication requirements.
- Real-time Threat Detection and Access Control Remediation for Windows – AirWatch will integrate with VMware TrustPoint to take Windows endpoint security and environment hygiene to the next-level. The integration will provide a comprehensive security solution to automate threat detection with dynamic endpoint remediation, which will empower administrators to define compliance policies within AirWatch that take automated actions on compromised devices as reported by TrustPoint. The solution will enable accelerated compliance, real-time threat containment and customizable remediation policies that can dynamically adjust to threat levels.
- Advanced Rules Engine for Purpose-built Endpoints – The new rules engine for purpose-built devices will enable IT to automate remote actions using rules or conditions (battery, time, adapter, memory, and connectivity status) set in the AirWatch console. This device-based rules engine is designed for specialized industries and use cases in warehouses, manufacturing plants, oil rigs, and hospitals that use ruggedized endpoints.