Every day, users put corporate data at risk by uploading sensitive documents to one of the myriad cloud-based file sharing services that operate outside the jurisdiction of IT.
Why do they do this? Are they operating with reckless disregard to the organizational risks they create by using those consumer-oriented services?
Today’s ubiquitous smart phones, tablets and cloud services make it easier than ever for people to share information in their personal lives and they expect information sharing at work to be just as easy. If the way to share information with colleagues at work is an order of magnitude more difficult, then users will find away around IT policies and share documents in the way that makes them the most productive.
So why do users turn to cloud services? Because it enables them to be more productive in this age of mobile workstyles.
IT organizations can respond to this trend in one of two ways:
- Block access to the cloud services and force users to keep working in the way that’s familiar to IT: in the office on a company-approved desktop, OR
- Deliver applications and services that match or exceed the capabilities of consumer-oriented cloud offerings, and make it a no-brainer for users to switch to those services.
I think #2 is the clear choice. Today’s announcement about the Citrix Worx App Gallery affords a good opportunity to explain how ShareFile and XenMobile enable IT to deliver a user experience on mobile devices that helps IT compete with those consumer-oriented cloud capabilities while keeping devices and data within the purview of your organization.
While ShareFile offers impressive security features on its own, XenMobile customers can deploy ShareFile with MDX enabled to light up even more security capabilities–without trading off user experience. Delivering the MDX-enabled ShareFile app has many benefits:
- Single sign-on with Citrix Worx means that users see ShareFile folders automatically based on their Worx Home authentication. Strong authentication requirements you set for Worx logon are effectively inherited by ShareFile. If the user launches ShareFile but has not yet logged onto Citrix Worx Home, the app flips over to Worx for authentication and then flips back to ShareFile after successful authentication. Users don’t need to know any details about ShareFile such as subdomain, username or password. ShareFile account location and SAML details are passed from Worx to ShareFile using the MDX SDK.
- Attachments received in WorxMail or downloaded by WorxWeb or any other MDX-wrapped application can be opened in ShareFile, but not in personal file sharing applications like DropBox. Only MDX-enabled applications that have been approved by IT will appear when the user performs an “open in” action. And the built-in document editor enables users to make changes to files from within the ShareFile app, obviating the need to send the file to an outside application. What happens in MDX stays in MDX.
- Logon to non-corporate ShareFile accounts from within the MDX container is prevented by limiting the MDX-wrapped ShareFile app to using only the XenMobile-attached ShareFile subdomain. If users have a personal ShareFile account or need to work with a third party who also use ShareFile, they can use a non-MDX version of ShareFile as a separate app on the same device.
- WorxMail enables users to attach files from their ShareFile repository without requiring that the file be downloaded to the device.
- If an employee leaves the organization, XenMobile can wipe the MDX application set from the user’s mobile device, including any enterprise data that may be present.
- MDX policies can restrict many facets of app usage: network location, camera, screenshots, etc. (But please use these with caution! If your security policies keep users from getting their job done, they will seek out and find less secure alternatives with alacrity.)
As you can see, when used with XenMobile, ShareFile enables user productivity on mobile devices and enables secure document exchange between MDX applications, without skirting IT’s visibility and control. ShareFile with MDX technology is included with XenMobile App and Enterprise editions; you can find the MDX-capable version of the ShareFile mobile apps in the XenMobile download area on citrix.com.