Employees are the center of digital transformation. And while employees demand consumer-simple experiences, security is always at the forefront of IT’s mind. With the VMware Workspace ONE platform, our promise is to deliver a consumer-simple and enterprise-secure experience, for any app, on any device, and with this latest release, we continue to deliver on that promise.
One requirement of enabling this any-app-to-any-device experience is the breakdown of silos between identity management and enterprise mobility.
When Workspace ONE was first released, we focused on simplifying and securing user access to apps. We accomplished this by delivering a single catalog experience: One place to access the apps users need—web, mobile, Software-as-a-Service (SaaS) or virtual—from the device of their choice. We took it a step further and added single sign-on (SSO), and for IT, we offered one place to administer contextual access policies by app, device, location and data. We received rave reviews from both the market and customers that implemented Workspace ONE into their daily workflows.
Building on that innovation, the newest release of Workspace ONE makes it even easier for employees to quickly get to the apps they need. Furthermore, with enhancements to AirWatch enterprise mobility management technology, we deliver government-grade security with support for derived credentials and key partners in the security ecosystem. Best of all, these updates are available now!
Workspace ONE App Experience: Brand New Look & Feel
The latest enhancements to Workspace ONE empower users to more easily get the apps and information they need. In addition to updating the icon, we added capabilities that speed up app discovery and self-service. For IT, we made it easy to switch from the VMware AirWatch App Catalog to Workspace ONE and further streamlined deployment with a unified installer.
Fast App Discovery
One change users will notice in the Workspace ONE app is that the “Launcher” tab has been replaced with “Bookmarks.” Instead of seeing a list of apps that someone else thinks they may want to use, now users get to select the apps they see on the Bookmarks page, by simply clicking the bookmark icon on the apps of their choice.
How do users find the apps they want to bookmark? They simply go to the Catalog tab and scroll to browse, or they click the search button and search by keyword, category or app name. In addition to improved search functionality, users can also launch or bookmark an app directly from the search results!
Even better, iOS users can leverage the Spotlight search function on their device to get results from the Workspace ONE catalog. They can then launch the app right from Spotlight without needing to first go to the Workspace ONE app. Below are some screens of the iOS and Android experiences.
Upon initially launching the app, users now see in-app tutorials on navigating the app and newest features. Users also see notifications from admins across the top of the app, such as company announcements, alerts, compliance status or required actions users may need to take.
A new support button at the bottom of the screen helps users learn more about their devices and request help directly in the app. This furthers a key benefit of Workspace ONE. By enabling employees with self-service, such as the capabilities shown below, IT can reduce help desk costs.
Simplified Migration from AirWatch Catalog & Container to Workspace ONE
For those who haven’t migrated from the AirWatch Catalog and AirWatch Container to Workspace ONE: Now’s the time to move. With this release:
- Access web, VMware Horizon and Citrix apps,
- Launch web apps with SSO,
- Enjoy a superior user experience and
- Add security with multi-factor authentication (MFA).
The updated Workspace ONE app for iOS is available now for download in the App Store. Workspace ONE for Android and Windows 10 will be available by the middle of the month.
Government-Grade Security Compliance with Derived Credentials
What Are Derived Credentials?
Historically, directives like HSPD-12 and FIPS 201 mandated that smart cards [i.e. Common Access Cards (CAC) and Personal Identity Verification (PIV) cards] be used for all physical, logical and network access on all devices, including smartphones and tablets. While this was great for desktops and laptops, the experience on mobile devices was cumbersome and costly.
To help solve this problem, the National Institute of Standards and Technology (NIST) updated FIPS 201 to include additional form factors, and in 2014, NIST released a special publication (800-157) titled “Guidelines for Derived Personal Identification Verification (PIV) Credentials.” Instead of utilizing the CAC or PIV card, this special publication provides guidelines for how to generate and utilize an alternative token, which can be implemented and deployed directly with mobile devices. This newly derived PIV credential is also commonly referred to as a derived credential or PIV-D.
New Derived Credentials App!
Our newly released derived credentials app, VMware PIV-D Manager, enables the use of derived credentials with native apps and profiles, VMware apps and third-party AirWatch SDK-enabled apps. This is the most complete enterprise-mobility-management-based solution to support multiple derived credential vendors using the same framework and flow on both iOS and Android.
VMware PIV-D Manager integrates with the most popular derived credentials solution providers in the market today, which includes Purebred, XTec, Entrust Datacard and Intercede. The application also has the ability to leverage the AirWatch backend infrastructure in conjunction with any existing Certificate Authority to derive and use a derived credential in a manner that complies with NIST SP 800-157. These partnerships allow AirWatch to simplify the experience for users by providing one app with access to all vendors—with a consistent experience regardless of vendor, as seen in the screenshots below.
“As organizations expand the use of mobile technology in order to meet business initiatives, and as government employees using mobile devices require secure access to internal resources, it is imperative that this sensitive information remains secure through identity-based authentication and is protected from unauthorized access,” said Ryan Zlockie, global vice president of authentication for Entrust Datacard. “Furthermore, the access provided to enterprise applications must be easy to access and provide the end user with a frictionless experience. Our partnership with VMware AirWatch does just that.”
Learn more about the Entrust Datacard partnership.
“The combination of VMware AirWatch and the Intercede MyID credential management platform will deliver a solution that supports the latest U.S. government secure mobility standards without compromise,” said Richard Parris, chief executive officer for Intercede. “As government agencies increasingly adopt mobile solutions for employees, balancing mobility and security is critical, and customers will soon have a solution from two industry leaders to choose from.”
To learn more about our derived credentials solution, read “Derived Credentials: The Perfect Balance Between Security & Usability.”
App Security that Is Government Approved
Furthering our breadth of government-grade security solutions, we’re also announcing our partnership with Krypotwire with the inclusion of their government-vetted mobile and Internet of Things (IoT) security risk protection platform to the VMware Mobile Security Alliance (MSA).
Kryptowire is the turnkey mobile security and privacy platform of choice for federal agencies to test mobile and IoT devices against the highest internationally recognized standards used for classified and national security systems. Now, this military-grade technology that helps federal agencies comply with NIST SP 800-163 is available to enterprise users and integrated with Workspace ONE, powered by AirWatch technology.
“For years now, Kryptowire has been trusted by military and civilian agencies to meet the highest security and privacy standards for the mobile apps they use. We look forward to providing the same high standard of mobile threat protection with our security platform and VMware AirWatch.”
—Angelos Stavrou, CEO, Kryptowire
To learn more about the partnership, visit the Workspace ONE Marketplace.