SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
VMware announces new features on Workspace ONE platform
Tue, 27th Aug 2019
FYI, this story is more than a year old

VMware today unveiled innovations to its VMware Workspace ONE digital workspace platform to help organisations engage employees from the moment they sign their offer letter and to unleash productivity to grow, expand and transform their business.

The new management, security and multi-cloud VDI features will allow IT teams to leverage automation to intelligently manage and secure access to any app, on any cloud, delivered to any device.

“Addressing employee experience holistically – from hire through retire – must be at the heart of every company's digital workspace design and is paramount to workforce transformation success,” says VMware end-user computing senior vice president and general manager Shankar Iyer.

“With Workspace ONE, IT can more confidently empower employees to be productive by providing access to the resources they need while simultaneously advancing the organisation's modern management and zero-trust security initiatives.

Workspace ONE delivers concierge services to personalise employee experiences

VMware aims to help IT and HR reimagine the onboarding and day one employee experiences with the introduction of digital concierge services, leveraging the extensive automation capabilities of the Workspace ONE platform and the richness of partner integrations.

Workspace ONE Intelligent Hub – the central launchpad for employees to securely access apps, workflows and notifications and connect with colleagues – now includes a virtual assistant, powered by IBM Watson Assistant, that users can interact with using natural language processing (NLP) or text.

With the new digital concierge service, Workspace ONE Intelligent Hub Virtual Assistant, employees will be able to complete numerous IT- and HR-related tasks such as procuring and registering a new device, troubleshooting Wi-Fi profiles, opening and managing service desk tickets, and enrolling into company benefits.

Employees will also be able to use the virtual assistant to access organisation- specific resources such as company policies, office locations and seating maps, as well as other company and team processes.

In addition, VMware aims to enhance the productivity value of Workspace ONE Intelligent Hub with new and unique Mobile Flows integrations to support HR, line of business and IT Service Management (ITSM) applications.

For instance, a new integration with Atlassian Jira Service Desk allows the seamless delivery of service desk ticket information and updates into Intelligent Hub.

These new integrations build on existing one-click contextual workflows already supported in the platform with partners such as Salesforce, Coupa, SAP Concur and others.

Digital employee experience management boosts employee experience across mobile and desktop platforms

To help organisations manage and measure the value delivered to employees, VMware is launching a tech preview of Digital Employee Experience Management, a new Workspace ONE Intelligence service.

This service will enable IT to proactively detect and automatically remediate potential issues that might impact employee experience across their hardware, OS and applications, based on real-time telemetry from their digital workspace environment.

By leveraging the combined capabilities of Workspace ONE UEM, Workspace ONE Intelligence, and Apteligent, Digital Employee Experience Management is the only solution in the industry to fully support IT with these capabilities across both mobile and desktop platforms, with full automation for self-healing and remediation.

When an issue does arise on an employee's device, IT must be able to react quickly to minimise downtime.

To achieve this, VMware is expanding Workspace ONE Assist capabilities (formerly Workspace ONE Advanced Remote Management) to include remote support capabilities for knowledge worker Windows and macOS devices.

This adds to a currently supported list of devices for Workspace ONE Assist inclusive of iOS, Android, Windows CE, and ruggedised devices.

Now, administrators can optimise employee experience by remotely diagnosing and fixing user issues across mobile and PC platforms and get them back up and running quickly.

Modern management across more devices and platforms

Today, customers are managing tens of millions of mobile, rugged and IoT devices with Workspace ONE.

VMware is announcing several innovations and integrations with its broad ecosystem that extend Workspace ONE capabilities across all platforms.

Windows 10: Workspace ONE brought more than a million new Windows 10 devices under management, making Windows 10 our fastest growing platform.

VMware is continuing to expand its support of Windows 10 modern management by introducing an AirLift migration tool to help customers accelerate the transition to Windows 10.

In addition to supporting the migration of Microsoft System Center ConfigManager (SCCM) collections, devices and applications, the tool can now also automate the process of migrating Group Policy Objects (GPOs) from SCCM to Workspace ONE.

Workspace ONE has also added another industry-first innovation for Windows 10 management with Workspace ONE Enterprise App Catalog, which serves as a one-stop-shop for IT to procure hundreds of commonly used, pre-packaged and configured apps that are ready to deploy to the end-user.

Apps are pre-tested and kept up to date to help ensure proper installation.

Now IT can spend less time packaging, testing and updating apps, and more time delivering the experiential services that employees care most about.

Dell Technologies: Announced at Dell Technologies World 2019, Dell Technologies Unified Workspace integrates Workspace ONE across Dell devices and services to simplify the entire device lifecycle for IT while providing workers with a personalised, ready-to-work experience.

Dell Technologies and VMware today announced expanded solution capabilities, including:

  • Unified Workspace now supports new Dell Latitude Chromebook Enterprise devices, enabling administrators to leverage Workspace ONE UEM to deploy apps and policies to the enterprise-ready Chromebooks alongside all other endpoints;
  • Workspace ONE now integrates with Dell SafeBIOS for continuous verification of the BIOS state against desired baselines and can automate remediation;
  • Unified Workspace deployments can leverage persistence of the Workspace ONE agent to help IT reclaim management of an endpoint even if the agent is uninstalled (such as in a lost or stolen device scenario).

“IT administrators want to give users choice when it comes to OS, device, and when and where work gets done, but they struggle with delivering a consistent and frictionless experience,” says Dell Technologies client solutions senior vice president Darrel Ward.

“By adding new security capabilities with VMware Workspace ONE and the Chrome OS to Dell Technologies Unified Workspace, we're giving IT the power to offer a consistent and more secure experience for everyone, no matter the OS they choose.

Apple: Workspace ONE manages tens of millions of Apple devices and has continuously introduced new innovations on Mac, iPhone and iPad. VMware is announcing the following new capabilities for iOS, iPadOS and macOS Catalina:

  • Planned support for iOS 13 and iPadOS coming later this fall, including initial support for the new User Enrollment, designed to support personal devices (BYOD) with business applications and services without taking full management of the device;
  • Workspace ONE now supports managed software updates for Apple devices, providing fine-grained controls across all major and minor iOS and macOS updates with custom approval workflows to automatically roll-out, pause or defer updates based on the company's risk profile toward OS updates roll out;
  • A new macOS scripting and sequencing engine that provides a powerful solution for IT teams to customise the OS, install apps, deploy system fixes; and make these scripts available to users in a self-service manner;
  • New macOS FileVault encryption lifecycle management to simplify key escrow, refresh, and recovery;
  • New System Integrity Protection (SIP) support for macOS, providing health attestation and compliance status.

Google: VMware is embracing Android Enterprise in the field and has now made it possible for customers to migrate from legacy Android to Android Enterprise profiles in a few clicks from within the Workspace ONE UEM console.

In addition, customers can enjoy the benefits of real-time monitoring around both device health and deployment progress.

VMware was the first UEM to provide modern management of Chrome OS devices and is today announcing a new Workspace ONE UEM Extension for Chrome OS.

Available in Q3, administrators will be able to utilise this extension to escrow, revoke and renew user- and device-based authentication certificates, enabling better security and streamlined user access to applications and services.

Okta: VMware and Okta today announced the integration of Workspace ONE and Okta Universal Directory (UD), enabling Workspace ONE deployments to leverage Okta UD as a primary directory service in place of traditional on-premises directories, accelerating customer journeys to the cloud.

“Our existing and new integrations of Workspace ONE with Okta Identity Cloud and Okta Universal Directory enable organisations to provide more flexibility for users to work from any device and location while delivering the most configurable contextual access security,” says Okta worldwide partners senior vice president Patrick McCue.

“By bringing together industry leaders in identity and access management and UEM, we are able to deliver best-in-class user experience and security.

Multi-cloud virtual desktop and app support with enhanced services

VMware is helping customers simplify and streamline how virtual desktops and applications are managed, highly secured and accessed as part of their digital workspace – on-premises, in the cloud or via a combination of both.

VMware is announcing several innovations designed to further simplify and automate cloud management of virtual desktops and apps within Workspace ONE.

VMware today unveiled VMware Horizon Services for Multi-Cloud that will enable IT admins to automate brokering and management across multi-site environments.

Allowing employees to log into the optimal virtual workspace – either on-premises or in the cloud – VMware Horizon Services for Multi-Cloud are designed to improve user performance, drive down costs and support a range of use cases including disaster recovery, data center expansion and cloud bursting.

As part of Horizon Services for Multi-Cloud, new management services will simplify desktop and app administration as IT will now be able to manage key assets such as applications or images across multiple sites to enable true hybridity.

This modern approach to application management will further enable IT to decouple packaging and delivery of applications.

IT will also be able to leverage identical packages across on-premises and cloud desktops with a one-to-many publishing model. Finally, a new cloud monitoring service will surface Horizon performance data so admins can proactively monitor, troubleshoot and remediate their environment from a single, cloud-based console.

Microsoft and VMware are delivering on previously committed integrations, including conditional access support for Microsoft Office 365 using Microsoft Intune and Azure Active Directory, Horizon Cloud support for Windows Virtual Desktop on Microsoft Azure, and support for Microsoft Teams to drive advanced collaboration across the workspace.

In support of facilitating seamless collaboration with colleagues, customers can now also leverage the Zoom optimisation pack with Horizon.

In addition, Horizon will be integrated with NSX Advanced Load Balancer, allowing customers to move away from legacy, hardware-based application delivery controllers (ADCs) to deliver fast, scalable and more secure desktop and app access from anywhere.

Finally, Horizon customers will now be able to reap the benefits of hybrid cloud more cost-effectively than ever before with subscription licensing.

With the VMware Subscription Upgrade Program for Horizon, Horizon 7 customers can upgrade existing perpetual licenses to Horizon Universal License at a price reflecting the additional value, allowing them to deploy anywhere – on-premises or in the cloud.

Workspace ONE intelligence adds cross-platform risk analytics to zero trust security model

By combining industry-leading modern management, access management and digital workspace analytics, VMware has championed a comprehensive approach to enable zero trust security across networks, devices, applications and users.

Today, VMware is introducing several new features aimed to help customers adopt a zero-trust security architecture.

Unveiled today, Workspace ONE Intelligence will offer a user and device risk score – a single quantifiable score based on multiple risk attributes that can be used to trigger conditional access policies and automated remediations.

Leveraging machine learning, Workspace ONE Intelligence can identify user behaviour anomalies based on variance from patterned behaviour and automate remediation actions (e.g. force multi-factor authentication, quarantine device) when suspicious user behaviour is observed.

In addition, Workspace ONE Trust Network now fully supports Carbon Black, Lookout,

and Netskope, allowing customers to integrate best-of-breed security solution data into Workspace ONE and leverage Workspace ONE Intelligence dashboards to provide full visibility into their security posture.

IBM Data and AI ecosystem and strategic partnerships vice president Daniel Kloud says, "The new Workspace ONE Intelligent Hub digital assistant powered by IBM Watson Assistant is designed to make it easier for employees to find answers to commonly asked questions and can also give IT and HR teams time back in their day and shift energy from mundane tasks to more strategic projects.