VMware Anywhere Workspace Solution and Endpoint Security
You know, IT administration would be an awesome job if it was not for the growing, demanding needs from the end users, especially now as hybrid work has become the new normal for many organizations. Think about it for a second: End users expect a good user experience wherever they are working, the latest software and the ability to use the devices they want — all while being the most likely source to introduce security breaches, malware and viruses. Outrageous! They should be grateful they even get devices that are allowed on our network. As admins, all we want to do is to play with cool technology and take naps! Why is that so hard?
Unfortunately, we would not have our paychecks without our end user, so we need to build systems that meet their needs without adding to our workload. That is where VMware comes in with their Anywhere Workspace solution. For those that are unaware, Anywhere Workspace brings together three major VMware products: VMware Workspace One, VMware Carbon Black and VMware SASE.
For this article, we are going to focus on the integration of two of the three components for the Anywhere Workspace solution: Workspace One and Carbon Black. With Workspace One, you get full device management via their Unified Endpoint Management (UEM) product for all the devices in your ecosystem, a conditional access portal to manage the distribution of the applications users need via their Access product, and a great virtual desktop, profile management and application delivery solution via their Horizon suite. With Carbon Black, you get a leading next-generation antivirus solution that has comprehensive threat detection and prevention capabilities, as well as real-time query and remediation features.
All of the products in Anywhere Workspace are solid, if not great products. But when you integrate them together and add in the power of Workspace One Intelligence, you get an amazing synergistic experience that truly gives the end users what they want, while securing the device and user experience in a non-intrusive negligible impact way that is also easy to maintain and monitor.
Now, imagine a world where you deliver a Windows, macOS, Android or iOS device directly to a user that either has no base configuration or that configuration has been started via drop ship provisioning. When the user first starts up the device and inputs their credentials, the UEM enrollment is automatically started, the security tools are instantly installed and the user is ready to work within minutes.
When a device is enrolled in Workspace One UEM, admins can deliver the apps users want or need, deliver profiles that manage and lock down the devices, and set up compliance policies that ensure devices meet corporate standards.
Carbon Black sensors can easily be installed on any device enrolled in Workspace One UEM via UEM's app delivery technologies. By doing so, potential threats can be detected, threats can be traced to their source, and issues are remediated before they become serious.
Using the integration capabilities built into Workspace One Intelligence, the data from both UEM and Carbon Black can be fed into the analysis dashboards for concise monitoring. Automations can be built to take actions when jailbroken devices (devices with unauthorized applications installed) don't comply with IT policies and other security risks are seen. These automations can also include actions such as removing corporate applications from devices when UEM compliance issues are discovered or when Carbon Black sensors detect malicious activity.
Together, WWT and VMware give the overall ease of use, access and experience, all done securely for our end users. Let's give employees what they want and need, while giving us the free time to be more productive.