VMware Workspace ONE Featured

VMworld 2019: Security and Analytics Updates for the Digital Workspace

Last week at VMworld 2019 US, we shared several exciting Workspace ONE innovations and partnership announcements. Driving employee experience was a major theme, led by our new Concierge Services, which includes a new AI-powered Virtual Assistant to improve employee engagement and productivity. We introduced many new Workspace ONE UEM Modern Management capabilities, including full GPO migration using Workspace ONE Airlift. We also showcased how VMware Horizon is helping customers with multi-cloud and hybrid support for VDI and apps. But, the topic that I’m most excited about is on the security and analytics front. We continue to focus on helping our customers enable Zero Trust security in their digital workspace deployments and, as a testament to that commitment, we showcased several new updates to the Workspace ONE platform relative to security and analytics.

Risk Analytics

Based on machine learning technology from our E8 Security acquisition, we introduced Risk Analytics in Workspace ONE Intelligence to help enable continuous verification of risk, which is central to a Zero Trust security approach. By analyzing data from a variety of sources, Risk Analytics help identify user and device behaviors that may represent risk to a user, their devices, or the organization. Behavior anomalies can be detected based on each user’s activities and device context compared to both historical baselines and to other users in an organization. This helps derive user and cross-platform device risk scores, which can then be used for insights and automation in Workspace ONE Intelligence. Risk Analytics are integrated with conditional access through Workspace ONE Access and the automation engine in Workspace ONE Intelligence helps provide cross-platform remediation and user notifications as needed.

VMworld 2019 Security

Let’s take a look at an example of how Risk Analytics in Workspace ONE Intelligence works. Let’s say a user starts out with a low-risk score and gets their usual mobile SSO access to their apps through Workspace ONE Intelligent Hub on their iPhone. The user decides to change some settings on their iPhone that are found to be unusual and possibly risky, causing their device and user risk scores to increase to medium, even though the device may still be in compliance. The next time the user tries to log into a sensitive app through the Workspace ONE Intelligent Hub, they’ll be prompted for multi-factor authentication because of the risk-based conditional access policy that’s triggered by the user’s increased risk score. This type of machine learning goes beyond just compliance policies – we now can get a view of what’s normal and abnormal from multiple signals, historical baselines, and comparisons to similar devices within the user’s organization.

Showing how Risk Analytics extends cross-platform, let’s say the same user is now on their Windows laptop. When the user tries to access a sensitive app, they will be prompted for multi-factor authentication due to the medium risk score that is still associated with the user.

If the user’s Windows device had other risks associated with it, the automation capabilities in Workspace ONE Intelligence could be leveraged to notify the user of the risk change, open a helpdesk ticket to track this issue and block access to sensitive enterprise apps until the device risks are addressed. IT can also combine multiple triggers with a risk score for automated remediations in Workspace ONE Intelligence. Leveraging this type of machine learning provides organizations with smarter, data-driven decisions that help enable Zero Trust. If you want to see a demo, we showed an expanded scenario in our Digital Workspace Showcase Keynote last week.

Digital Employee Experience Management

Another exciting analytics announcement we shared last week was an upcoming Tech Preview of Digital Employee Experience Management (DEEM), which aims to improve employee engagement by proactively addressing cross-platform end-user experience issues, powered by Workspace ONE Intelligence. DEEM looks across the hardware, firmware, BIOS, drivers, applications, and more to proactively identify conditions that may lead to crashes, poor performance, and other poor experiences. Capabilities include a User Experience score, predictive identification of conditions impacting experience, and proactive remediation, and automations to troubleshoot and enhance computing experiences. You can read more about Digital Employee Experience Management here.

Workspace ONE Trust Network

We realize that security does take a village, which is why we introduced Workspace ONE Trust Network last year. Workspace ONE Trust Network combines insights from leading security partners with Workspace ONE to deliver proactive and automated security in the digital workspace. We’ve been working with several of our Workspace ONE Trust Network partners this past year and last week, we announced General Availability of integrations with Carbon Black, Lookout, and Netskope. These partners represent leading solutions across the endpoint detection and response, mobile threat defense, and cloud access security broker markets, respectively. By integrating threat information from these partner integrations, IT can get deeper insights across apps and endpoints to become more proactive towards security events in a digital workspace. For example, if Carbon Black detects a malicious process running on an endpoint, that threat is relayed to Workspace ONE Intelligence, at which point automation can help remediate the process and alleviate the threat.

VMworld 2019 Security

While VMworld 2019 US is now behind us, we’re looking forward to sharing even more around security and analytics at VMworld 2019 Europe in Barcelona in a couple of months. In the meantime, be sure to check out all of the on-demand videos related to security for the digital workspace from last week.