WIXLIB

SECURE END POINTSBRING YOUR OWN DEVICEDIZZION zLINK BYOD DATA SHEETHow to Deliver Secure ClientComputing for BYOD & Work at HomeDelivering client computing beyond theoffice boundariesToday’s end users are no longer tied to a staticworking environment such as a desk in an office.With the advent of virtual desktop solutions andhosted application solutions, users now have thefreedom and flexibility to choose where they workfrom. It may well still be mostly office based forthe majority of the time, but having the ability towork at home, work from customer sites, workfrom other office locations, or even work from thelocal coffee shop, all adds to increased end userfreedom and productivity.Ensuring security & compliance for remoteworkers & BYODBut herein lies the problem. Typically IT will deploysome form of thin client to access these systems,a secure device, perceived as a “cut down PC”that only allows end users to connect to remoteenvironments. How does the IT departmentdeliver this method of working while at the sametime maintaining corporate levels of securityand data protection for both the end user andthe organization, when an end user is workingboth remotely and using their personally owneddevice? In short, they need to deliver all thesecurity benefits of thin client computing withouttying the end users down.Own Device (BYOD), Bring Your Own PersonalComputer (BYOPC), or just an end user workingon their home PC? These personally owneddevices will be used to connect to and accessprivileged company information, apps, andsystems. How can IT manage this way of workingand ensure that these devices are secure and offerno risk to the corporate environment? The answeris Bring Your Own Device.Bring Your Own Device software-definedthin clientsDeploying Bring Your Own Device enables ITteams to deliver secure, policy driven, segregated,temporary workspace environments on personallyowned Windows-based end point devices, and allregardless of where the end user is working from.At it’s core, Bring Your Own Device delivers asoftware-defined thin client experience, allowingexisting Windows devices to securely accessremote environments, by locking down theunderlying device OS.This allows end users to switch between theirpersonal environment and their corporateworkspace environment, without the need toreboot, dual-boot, or boot from an externalUSB device. Bring Your Own Device deliversa familiar end user experience, via a secureworkspace interface, with the same Windowsuser experience and advanced levels of securityenabling organizations to achieve compliancerequirements.When working from the office environment,security Payment Card Industry Data SecurityStandard (PCI), and Health Insurance Portabilityand Accountability Act (HIPAA) compliance iseasily achievable. But what about Bring YourDIZZION.COM - 1.888.225.2974 - SALES@DIZZION.COMCopyright 2020 Dizzion, Inc. All rights reserved.

SECURE END POINTSDIZZION zLINK BYOD KEY FEATURESFull device lock-downLaunching and running BYOD on an end user’sWindows device denies them access to theunderlying Windows operating system, effectivelyrendering it disabled while they are using thesecure workspace environment.Instead of the desktop interface of the Windowsoperating system, an end user will access theBYOD Workspace, a simple, easy to navigate userinterface from where they can connect to theirremote environments securely. They also havethe ability to access local applications if they havethe relevant permission from IT to do so. Theirdevice is only locked down for the duration of thesecure session, and full control is returned to theuser once they log out.BYOD Validation ToolBYOD includes a unique solution that enablesIT admins to check the end user’s device beforethey connect to ensure that it meets minimumrequirements. The Endpoint Validation Toolinspects the end point to determine the patchlevels, installed software, and whether antivirusis present to name but a few checks. Proactivelychecking devices before onboarding means thatany issues can be rectified in advance, drasticallyreducing onboarding times and reducing anyinitial support calls.Application Execution Prevention (AEP)The Bring Your Own Device AEP feature addsan additional layer of security by preventing theexecution of unauthorized applications.Employing a rules-based system, IT admins cannow configure exactly which apps end users areallowed launch on their endpoint device whileBring Your Own Device is running and active.These rules allow IT admins to create white/blacklists which contain a comprehensive list of ruletypes that delivers a granular level of control overexactly which applications can and can’t run.IT admins can create generic rule sets that allowall Windows OS binaries to run, or they can createa more targeted rule set that allows only thoseapplications signed by a specific digital certificateto launch and run.Service Execution Prevention (SEP)The Service Execution Prevention feature of BYODallows you to control which Windows services areallowed to run when a BYOD session is active, andrunning in ‘worker mode’. If a service is runningand it does not match the defined ServiceExecution Prevention policies, then the service willeither be automatically stopped or the end userwill need to manually stop the service before thethey can launch BYOD on their device.Windows Patch ManagementBYOD enables IT departments to easily control theWindows Update feature to ensure that end usersare running the correct patches an updates beforeconnecting to the corporate environment.For IT this means they can configure how oftenclient devices check for updates, and then decidewhen, and if to apply them. End users can also beprompted to install any of the available updates,or the updates can simply be pre-configuredby the IT department to install silently, withoutuser intervention or disruption ensures the usersdevices are always up to date, secure, & compliant.USB device blockingUSB devices are often seen as one of the maincauses security breaches and data leakage withinan organization. Users plug in their own USBmemory sticks and other write-enabled mediadevices and copy potentially sensitive data ontothem and remove them from the corporateenvironment.BYOD is able to prevent these devices from beingusable with its USB device blocking feature.DIZZION.COM - 1.888.225.2974 - SALES@DIZZION.COMCopyright 2020 Dizzion, Inc. All rights reserved.

SECURE END POINTSDIZZION zLINK BYOD KEY FEATURES (CONTINUED)Enabling this feature means that end usersare prevented from being able to access USBbased storage devices when accessing corporatesystems and data from the secure workspace.Windows Firewall ControlBring Your Own Device allows IT admins to beable to fully configure the Windows Firewallfeature automatically. They can remove anyexisting firewall rules, or configure new firewallrules, and manage this centrally all from theDizzion Management Platform and the ProfileEditor.Right place, right time deliverAs well as working from different office locations,customer site, or even the local coffee shop, endusers can all really be classed as mobile workers.Bring Your Own Device is fully location awareness,meaning it’s contextually aware of where endusers are connecting from, enabling true flexibleworking, whether from the confines of headoffice, or other office location, delivering the rightlevel of access at the right time and right location.All delivered securely.Enhanced end user experienceThe end user experience is key to the productivityand speed of accessing patient information anddata. Bring Your Own Device delivers a familiarWindows look and feel coupled with an intuitivesecure workspace user interface that enables fastand easy access to remote environments. It alsoallows end users to have access to locally installedapplications (based on admin set policy) shouldthey need to work offline.Seamless look and feel with Magic FilterAs part of the end user experience, a uniquefeature of Bring Your Own Device is MagicFilter. Magic Filter is a dynamic key press passthrough feature that traps the local Ctrl Alt Delkeystrokes and passes them directly through tothe remote environment, just as if the user wasworking locally on their device.Magic Filter delivers an enhanced user experienceas the end user now has a native Windows feelwhen using their Dizzion thin client.Simplified management, support andonboardingAs Bring Your Own Device is a software onlysolution, end users simply download theapplication, launch it, switch to ‘worker mode’and are connected securely to the corporateenvironment in minutes!IT admins have the ability to manage the secureworkspace environment remotely, allowing themto update security policies on the fly, with no needfor a deskside visit or end users to travel in or senddevices back.Secure BrowsingIncluded as part of the Dizzion Client software, isan integrated web browser, complete with a fullycustomizable user interface, that allows users tosecurely browse Internet sites based on policy setby the IT department.The Dizzion browser is fully compatible withwebsites as it utilizes the browser renderingengine used in Microsoft Internet Explorer.Windows Security Center DetectionBring Your Own Device proactively checks andmonitors the security components of the deviceOS. Components such as Firewall Protection, AntiVirus, and Anti Spyware protection, can all bemonitored.Should one of these components not becompliant or configured correctly, then BringYour Own Device can take the appropriate actionfor remediation, ensuring that issues are not onlyquickly identified, but also quickly resolved. BringYour Own Device allows an end user toDIZZION.COM - 1.888.225.2974 - SALES@DIZZION.COMCopyright 2020 Dizzion, Inc. All rights reserved.