Workspace ONE gives information technology organizations the ability to manage any application on any device by integrating identity, application and enterprise mobility management both on-premises and via the cloud. AirWatch provides a centralized approach to managing all endpoints in an organization, including desktop computers, mobile devices and intelligent endpoints.
The new releases expand endpoint management with support for Android, Windows 10 and upcoming versions of Apple’s iOS 10.3 and macOS 10.12.4. They also improve threat detection and remediation and upgrade the user experience. “The feedback from customers is that we increasingly need to embrace consumerization, and make it easy to access corporate services fast,” said Blake Brannon, vice president of product marketing for AirWatch.
The new Workspace ONE combines unified endpoint management, application access control and security and application virtualization under a single umbrella. “Currently, most solutions only protect the endpoint; we will surround all applications and endpoints in a unified manner,” Brannon said. This includes legacy applications as well as those that are off the network or domain.
For example, IT can prevent a jail-broken smartphone from accessing the network. A new plug-in enables legacy applications that don’t support the Security Assertion Markup Language standard to continue using SAML benefits such as single sign-on.
Android support has been improved with streamlined on-boarding and configuration control. Android users can now scan a QR code out-of-the-box and have the device fully provisioned with applications and configurations that conform to business standards. “The user doesn’t have to create settings for anything,” Brannon said. Sensitive applications can be protected with two-factor authentication at the option of administrators.
Improved Windows 10 support includes granular patch management and better security. Administrators can now see the patch status of all Windows 10 devices on the network. AirWatch now also supports BitLocker, the full-disk encryption feature included in recent versions of Windows. “There’s no need to carry around a flash drive for authentication,” Brannon said. “A user can simply type a password or a PIN to authenticate and log in through BitLocker.”
Other Windows-related security improvements include real-time threat detection and access control remediation. Workspace ONE has also received certification under the Common Criteria international security standard. The software already complies with the Federal Risk and Authorization Management Program (FedRamp), Defense Information Systems Agency, Security Technical Implementation Guide, Federal Information Processing Standard 140-2, Service Organization Controls 2 Type II standards.
User interface improvements to VMware’s Boxer email client include real-time email notifications and “badging,” which is a way to display such accomplishments as certifications and credentials in a verified form. Support for three-dimensional touch gestures and conversation threading is also new, along with a built-in QR code reader that provides for secure access to embedded websites. The VMware client also now includes classification capability, which enables organizations to label email messages according to criteria like sensitivity or importance.
Price reductions amount to roughly 20 percent per device per month. For example, the monthly subscription fee for a standard plan falls from $4.33 per device per month to $3.50. The price cuts are possible because “we can leverage huge economies of scale in the cloud,” Brannon said.