Multiplicity of locations, access, file storage volumes, heterogeneity of devices, systems, numerous applications, different versions are all challenges to face to guarantee the security of the company's information systems.
Facilitating security can be achieved by reducing the number of devices, the number of operating systems, controlling and deploying an application catalogue per profile, implementing transparent updates, controlling the file system and permanent or ephemeral shared data, including with third-parties.
If it is necessary to secure one or more devices per person (desktop, laptop, hybrid, tablet, smartphone, chromebook, thin client) and different systems (MS Windows, MacOS, Linux, Android, iOS, etc.).
If only a login/password secures most workstations.
If large efforts are needed to deploy patches and updates on a wide variety of devices and systems.
If it is complicated to ensure that each device is encrypted by default or through a tool installed for this purpose.
If personal and professional environments are used by the user for the same tasks.
If some or all users are allowed to install applications they chose on the devices.
If access to the different application platforms is not centralized yet and if it is necessary to be able to respond to new regulations (GDPR).
If there is only one computer and different accessories, depending on the need.
If logging in can only be done by fingerprint, facial recognition or a schematic, with a code.
If system and application updates are transparent to the user, pushed from the application server.
If the computer content is encrypted by default and remotely erasable and disableable.
If the user's professional and personal environments are distinct and waterproof within the same computer.
If the business application catalog is customized for each user, locally installable on the computer or published as virtual applications.
If access to the virtual applications is made through an encrypted stream with all accesses logged (RGPD ready).
OXI DIGITAL WORKSPACE
In order to have applications hosted in the company's IT from its Android device, simply add a gateway between the Internet and your application servers.
The gateway can be hosted in your own data center or in the cloud.
Smartphones connect to this gateway, authenticate themselves and will show authorized applications in the user's start menu.
The OXIgateway allows the use of applications hosted in the company's network in a secure way. The gateway can be hosted in the DMZ of your network or in the cloud as a VM.
From network side, only port 443 is open. Between the outside world and the gateway, any mean of filtering can be setup as long as it does not break websockets.
OXI DIGITAL WORKSPACE
Logging into the user environment requires authentication:
SSO between the smartphone user account and the user account in the company directory (AD, LDAP)
One-Time Password (ex. Google Authenticator)
The connection between the smartphone (the tablet) and the gateway is encrypted (SSL).
Access to the gateway is managed by the ACLs in the company directory.
Third party access can be granted directly from the gateway administration portal.
All connections are logged.