Tag Archives: Citrix

Citrix patches vulnerability as ransomware attacks emerge

A new round of Citrix patches arrived Thursday for the vendor’s Application Delivery Controller and Gateway products as reports of ransomware attacks targeting vulnerable systems emerged.

The directory traversal flaw allows an unauthenticated party to perform arbitrary code execution. Originally, the Citrix patches were scheduled for release later this month, but last week the vendor accelerated the delivery and issued the first round of patches. Thursday’s patches are for Citrix ADC and Citrix Gateway versions 12.1 and 13.0. A fix for version 10.5 of the products is scheduled for release Friday.

The vulnerability, CVE-2019-19781, was disclosed in December before Citrix had an opportunity to develop fixes. Fermin Serna, CISO at Citrix, previously told SearchSecurity that the company decided to disclose the vulnerability at that time because it had received three separate reports of the flaw within two days, which indicated the risk of exploitation was higher than normal.

In a blog post, Serna urged customers to immediately apply the Citrix patches and also advised customers to take advantage of a free scanning tool, co-developed with FireEye Mandiant, designed to detect indicators of compromise in customer environments running ADC, Gateway and SD-WAN WANOP products.

It’s unclear how many unpatched systems are currently online. Security researcher Victor Gevers, who is also chair of the Dutch Institute for Vulnerability Disclosure, said via Twitter that his public scans showed the number of vulnerable Citrix systems on the internet fell to 11,372 Thursday from a high of 128,777 on Dec. 31. Gevers’ research showed that many of the vulnerable systems during that stretch either “powered down” or applied temporary mitigations in lieu of patches.

Ransomware attacks reported

As Citrix rolled out the latest patches, two separate reports of ransomware detections on vulnerable systems emerged. On Thursday, FireEye threat analyst Andrew Thompson noted on Twitter that he observed a threat actor using the Citrix vulnerability to gain initial access to a network and then pivoting to Windows environment to attempt a ransomware infection. “If you haven’t already begun mitigating, you really need to consider the ramifications,” Thompson wrote on Twitter.

On Friday, anonymous security researcher known as “Under the Breach” also reported a potential exploit of CVE-2019-19781 in a Sodinokibi ransomware attack on German carmaker Gedia. Under the Breach said via Twitter that an analysis of data released by the Sodinokibi threat actors, in retaliation for Gedia’s refusal to pay the ransom, showed the carmaker had unpatched versions of Citrix ADC.

While Under the Breach said he believed the CVE-2019-19781 was used in the attack, it’s unclear if the data released by Sodinokibi is authentic, or if Citrix vulnerability was used to infect Gedia with ransomware.

Go to Original Article

Citrix’s performance analytics service gets granular

Citrix introduced an analytics service to help IT professionals better identify the cause of slow application performance within its Virtual Apps and Desktops platform.

The company announced the general availability of the service, called Citrix Analytics for Performance, at its Citrix Summit, an event for the company’s business partners, in Orlando on Monday. The service carries an additional cost.

Steve Wilson, the company’s vice president of product for workspace ecosystem and analytics, said many IT admins must deal with performance problems as part of the nature of distributed applications. When they receive a call from workers complaining about performance, he said, it’s hard to determine the root cause — be it a capacity issue, a network problem or an issue with the employee’s device.

Performance, he said, is a frequent pain point for employees, especially remote and international workers.

“There are huge challenges that, from a performance perspective, are really hard to understand,” he said, adding that the tools available to IT professionals have not been ideal in identifying issues. “It’s all been very technical, very down in the weeds … it’s been hard to understand what [users] are seeing and how to make that actionable.”

Part of the problem, according to Wilson, is that traditional performance-measuring tools focus on server infrastructure. Keeping track of such metrics is important, he said, but they do not tell the whole story.

“Often, what [IT professionals] got was the aggregate view; it wasn’t personalized,” he said.

When the aggregate performance of the IT infrastructure is “good,” Wilson said, that could mean that half an organization’s users are seeing good performance, a quarter are seeing great performance, but a quarter are experiencing poor performance.

Steve Wilson, vice president of product for workspace ecosystem and analytics, CitrixSteve Wilson

With its performance analytics service, Citrix is offering a more granular picture of performance by providing metrics on individual employees, beyond those of the company as a whole. That measurement, which Citrix calls a user experience or UX score, evaluates such factors as an employee’s machine performance, user logon time, network latency and network stability.

“With this tool, as a system administrator, you can come in and see the entire population,” Wilson said. “It starts with the top-level experience score, but you can very quickly break that down [to personal performance].”

Wilson said IT admins who had tested the product said this information helped them address performance issues more expeditiously.

“The feedback we’ve gotten is that they’ve been able to very quickly get to root causes,” he said. “They’ve been able to drill down in a way that’s easy to understand.”

A proactive approach

Eric Klein, analyst, VDC Research GroupEric Klein

Eric Klein, analyst at VDC Research Group Inc., said the service represents a more proactive approach to performance problems, as opposed to identifying issues through remote access of an employee’s computer.

“If something starts to degrade from a performance perspective — like an app not behaving or slowing down — you can identify problems before users become frustrated,” he said.

Mark Bowker, senior analyst, Enterprise Strategy GroupMark Bowker

Klein said IT admins would likely welcome any tool that, like this one, could “give time back” to them.

“IT is always being asked to do more with less, though budgets have slowly been growing over the past few years,” he said. “[Administrators] are always looking for tools that will not only automate processes but save time.”

Enterprise Strategy Group senior analyst Mark Bowker said in a press release from Citrix announcing the news that companies must examine user experience to ensure they provide employees with secure and consistent access to needed applications.

IT is always being asked to do more with less.
Eric KleinAnalyst, VDC Research Group

“Key to providing this seamless experience is having continuous visibility into network systems and applications to quickly spot and mitigate issues before they affect productivity,” he said in the release.

Wilson said the performance analytics service was the product of Citrix’s push to the cloud during the past few years. One of the early benefits of that process, he said, has been in the analytics field; the company has been able to apply machine learning to the data it has garnered and derive insights from it.

“We do see a broad opportunity around analytics,” he said. “That’s something you’ll see more and more of from us.”

Go to Original Article

Threat actors scanning for vulnerable Citrix ADC servers

An unpatched vulnerability in Citrix Application Delivery Controller and Citrix Gateway products has become the target of scans by potential threat actors.

Kevin Beaumont, a security researcher based in the U.K., and Johannes Ullrich, fellow at the SANS Internet Storm Center, independently discovered evidence of people scanning for Citrix ADC and Gateways vulnerable to CVE-2019-19781 over the past week.

Citrix disclosed the vulnerability on Dec. 17, which affects all supported versions of Citrix ADC and Citrix Gateway (formerly NetScaler and NetScaler Gateway, respectively.) Citrix warned that successful exploitation could allow an unauthenticated attacker to run arbitrary code and urged customers to apply mitigation techniques because a patch is not yet available.

Beaumont warned this could “become a serious issue” because of the ease of exploitation and how widespread the issue could be.

“In my Citrix ADC honeypot, CVE-2019-19781 is being probed with attackers reading sensitive credential config files remotely using ../ directory traversal (a variant of this issue). So this is in the wild, active exploitation starting up,” Beaumont wrote on Twitter. “There are way more boxes exposed than Pulse Secure, and you can exploit to RCE pre-auth with one POST and one GET request. Almost every box is also still vulnerable.”

Researchers at Positive Technologies have estimated as many as 80,000 businesses in 158 countries could have vulnerable Citrix products.

Neither Beaumont nor Ullrich saw any public exploits of the Citrix ADC vulnerability, and Ullrich wrote in a blog post that he would not describe the scans as “sophisticated.”

However, Craig Young, computer security researcher for Tripwire’s vulnerability and exposure research team, wrote on Twitter he had reproduced a remote code exploit for the vulnerability and he would “be surprised if someone hasn’t already used this in the wild.”

Florian Roth, CTO of Nextron Systems, detailed a Sigma rule to detect exploitation of the Citrix ADC vulnerability, but Young noted that his functional exploit could “absolutely exploit NetScaler CVE-2019-19781 without leaving this in the logs.”

Young described how he developed the exploit but did not release any proof-of-concept code.

“VERT’s research has identified three vulnerable behaviors which combine to enable code execution attacks on the NetScaler/ADC appliance,” Young wrote in a blog post. “These flaws ultimately allow the attacker to bypass an authorization constraint to create a file with user-controlled content which can then be processed through a server-side scripting language. Other paths towards code execution may also exist.”

All researchers involved urged customers to implement configuration changes detailed in Citrix’s mitigation suggestions while waiting for a proper fix.

Citrix did not respond to requests for comment at the time of this writing and it is unclear when a firmware update will be available to fix the issue.

Go to Original Article

Citrix brings Workspace and micro apps to Google Cloud

Citrix Workspace platform for Google Cloud is now generally available. In an announcement, Citrix said the move would simplify tasks for IT professionals and users alike by using micro apps and unifying tasks in a single work feed.

The partnership underscores Citrix’s commitment to keep its services agnostic to support its customers’ choice in cloud providers, according to analysts.

Eric Kenney, a senior product manager at Citrix, said IT professionals are, at present, responsible for wrangling a variety of disparate products. These applications may, for example, govern security, file synchronization, file sharing and virtual desktops, and all of them could have different portals and login screens. Citrix Workspace is designed to make it easier to administer a range of end-user computing applications.

“It’s really difficult to manage all of these different vendors and resources,” he said. “With Workspace, IT professionals are able to bring these solutions together, with one partner, to deliver them to users.”

Putting these solutions and the options to manage them in one place helps both desktop administrators and users, Kenney said.

Although Workspace provides a centralized place through which Citrix products, such as Citrix Virtual Apps and Desktops, Citrix Virtual Desktops and Citrix ADC, may be launched, Kenney said the platform goes beyond that. The intent, he said, is to provide a home for whatever application a company wants to deliver to its users, including homegrown and cloud-hosted offerings.

One way Workspace acts to simplify employee workloads is through the use of micro apps, or small programs that can accomplish simple tasks quickly, according to Kenney.

“An analogy we use is the office copier; it has a ton of buttons on it,” he said, noting that, with knowledge of those functions, people can collate, print double-sided copies and perform any number of specialized tasks. Most people, though, only use the big green button. “That’s a way of looking at enterprise applications; you’re using them a lot, but only for a small sliver of their functionality.”

Employees approving an expense report, for example, typically must go into a separate application to review and OK the document. Kenney said that process is less streamlined than it could be and that micro apps can integrate multiple tasks of approving an expense report into one feed, enabling workers to accomplish in seconds what used to take minutes.

“You could review and approve [the report] and never have to leave Workspace,” he said.

Workspace’s new availability also provides Citrix greater integration with Google Cloud services, among them Google’s G Suite, a collection of productivity apps. Kenney said a new cloud service, Citrix Access Control, provides administrators additional control over user actions on Google Drive documents.

For example, if a malware link is inadvertently added to a document, the Access Control settings could ensure the link is opened in an isolated browser that is safely disposed of at the end of a user session. Access Control can also restrict “copy and paste” functionality in certain documents.

Workspace isn’t just for IT

Ulrik Christensen, principal infrastructure engineer at Oncology Venture, said Citrix services, including Workspace, have made things easier for his firm. The drug development company is a global operation with offices and labs in both Denmark and the U.S., and manufacturing operations in India.

“I have four to five people in the U.S., and they’re not even in the same office,” he said, adding that the complexity of supporting the different hardware they use, including Apple machines, Windows machines and Chromebooks, has proven difficult in the past.

Moving to the kind of standardized system offered by Citrix has improved the user experience and lessened the burden on IT, Christensen said.

“It’s a lot easier if something doesn’t work,” he said. “We can help because we know the whole platform… It also made it a lot easier for IT to provide users new applications and updates.”

Security had improved as well, Christensen said. With only one way to access the company’s network, it is at less risk and the firm can be more confident that its data is protected.

Citrix continues to support cloud choice

Andrew Hewitt, an analyst at Forrester Research, said the partnership with Google Cloud makes sense for Citrix, as it bolsters one of the key tenets of its pitch to customers.

Andrew HewittAndrew Hewitt

“Citrix’s core messaging is around experience, choice and security,” he said. “This announcement sits squarely in its desire to be an agnostic player in the [end-user computing market] that can enable enterprises to pick and choose whatever technologies they want to deploy to their end users.”

Citrix’s core messaging is around experience, choice and security.
Andrew HewittAnalyst, Forrester Research

The move, Hewitt said, seems like a logical extension of past partnerships with Google.

“For example, Citrix has full API access to manage Chromebooks; it supports all the management models for Android Enterprise and provides Citrix Receiver for virtualization support on Chromebooks,” he said. “This announcement is just further deepening of the relationship with Google.”

Mark BowkerMark Bowker

Enterprise Strategy Group senior analyst Mark Bowker said the partnership is good for Google as well.

“Google is trying to make inroads into the enterprise,” he said, noting pushes with Chromebooks and the Chrome browser.

Bowker added, though, that enterprises must still interact with Windows frequently. By working with Citrix, then, Google can provide its users with easier access to Windows-based services.

Citrix recognizes the importance of being able to provide its services on its customers’ cloud of choice, including a recent announcement of deeper ties with AWS. Still, its closest ties are with Microsoft, Bowker said. “The strength of their integration is ultimately with Microsoft, and always has been,” he said.

Go to Original Article

Citrix breach blamed on poor password security

Following an investigation lasting nearly five months, Citrix revealed cybercriminals did not access any customer data but did steal business documents.

According to Citrix president and CEO, David Henshall, malicious actors accessed the company’s internal network via a password spraying attack that exploited weak passwords. Henshall asserted that the Citrix breach did not involve the exploitation of any vulnerabilities and did not impact the security of “any Citrix product or customer cloud service.”

“Once in our network, the cyber criminals intermittently accessed and, over a limited number of days between October 13, 2018, and March 8, 2019, principally stole business documents and files from a company shared network drive that has been used to store current and historical business documents, as well as a drive associated with a web-based tool used in our consulting practice,” Henshall wrote in a blog post. “The cyber criminals also may have accessed the individual virtual drives and company email accounts of a very limited number of compromised users and launched without further exploitation a limited number of internal applications.”

The FBI originally notified Citrix on March 6 that malicious actors may have accessed to company systems, meaning it took just two days for access to be shut down to the attackers.

Jake Williams, founder and president of Rendition Infosec in Augusta, Ga., said for an intrusion as significant as the Citrix breach, “the speed of the response is very unusual.”

“Honestly, I’m surprised they did it that quickly. I would have expected it would take longer,” Williams told SearchSecurity. “It’s very important that you identify all access methods the attackers are using before tipping your hand with the response.”

Usman Rahim, digital security and operations manager at The Media Trust, said it was “concerning” that attackers had access to Citrix systems for five months before the FBI alerted the company.

Time is very sensitive in attacks like these, and in this case, the attackers had plenty,” Rahim told SearchSecurity. “We expect better security measures from tech companies like Citrix around their assets and infrastructure. However, the information Citrix provided paints a picture of adequate security that allowed attackers access to their systems.”

In light of the findings of the Citrix breach investigation, Henshall said the company has “taken significant actions to safeguard our systems and improve protocols,” including deploying FireEye’s endpoint security technology.

“We performed a global password reset, improved our internal password management, and strengthened password protocols,” Henshall wrote. “Further, we improved our logging at the firewall, increased our data exfiltration monitoring capabilities, and eliminated internal access to non-essential web-based services along with disabling non-essential data transfer pathways.”

It is unclear if these improvements include implementing two-factor authentication (2FA); Citrix declined to provide comments beyond what was in the public disclosure.

Williams noted that stronger passwords should help mitigate password spraying attacks.

“Password spraying is always successful if you don’t have lockout policies, which unfortunately impact the user experience significantly. It’s not an easy thing to shut down,” Williams said. “Most orgs don’t use 2FA internally because it absolutely impacts productivity. If it didn’t have a business cost, everyone would use it for everything.”

Richard Ford, CTO at threat intelligence vendor Cyren LLC, said he is shocked when corporate accounts don’t use 2FA.

“With the adoption of mobile phones, companies such as Duo or RSA provide an easy way to supply a ‘soft’ second factor that significantly complicates life for the attacker,” Ford wrote via email. “I keep hoping that this is the year we move away from simple username/password combinations, but adoption remains slow. It’s something that we, as an industry, just need to embrace.”

Rahim added that “basic multi-factor authentication could have prevented” the Citrix breach.

“They have not mentioned some of the measures they are planning to do, but MFA, password expiration, password hardening and policies for system access should be the starting points,” Rahim said. “Companies need to think about these measures before the damage is done.”

Go to Original Article

VDI shops mull XenDesktop vs. Horizon as competition continues

As the desktop virtualization market evolves, the long-standing competition between Citrix and VMware leaves IT pros with a difficult decision when choosing a product.

Citrix XenDesktop and VMware Horizon each hold their own appeal to different customers. Some are drawn to the security features and graphics-related innovations of XenDesktop, while others see Horizon as more cutting edge.

“[Citrix] was the standard for a long time,” said Zeus Kerravala, founder and principal analyst at ZK Research. “Over the last few years, VMware really has put their foot on the pedal as far as innovation goes.”

A closer look at XenDesktop vs. Horizon

XenDesktop — now transitioning to the name Citrix Virtual Desktop — accounts for 57.7% of on-premises VDI deployments compared to Horizon’s 26.9%, according to Login VSI and Frame’s “State of the EUC 2018” report released in May.

VMware is doing what it can to close the gap, however. In 2015, the company introduced Instant Clone, a feature that allows IT to clone a VM while it’s running. VMware also added Blast Extreme, a proprietary remote display protocol, in 2016.

VMware has also improved its standing in the XenDesktop vs. Horizon debate by integrating with F5 Networks to improve network performance in the last couple of years. XenDesktop uses Citrix’s proprietary product, NetScaler, which is not on par with F5’s offering, Kerravala said.

The University of Arkansas chose VMware Horizon over XenDesktop about a year and a half ago because of Horizon’s emphasis on the cloud.

“The Citrix solution felt like it was an evolution of on-prem,” said Jon Kelley, associate director of enterprise innovation at the university. “The VMware technology was more for the cloud-type stuff with disposable infrastructure. We wanted to be a little more forward-thinking and be software-defined.”

Horizon also appeals to customers because of its integration with other VMware products, according to Sheldon D’Paiva, director of product marketing at VMware.

“Workspace One has all the best-of-breed pieces integrated with it,” D’Paiva said. “It brings together VDI with Horizon and identity and access management so you can have single sign-on for all your apps. VMware can provide everything from the storage layer, the hypervisor, the broker … We can provide the entire stack.”

XenDesktop’s innovation has been strong when it comes to security improvements around consolidation and encryption, said Jeff Kater, director of information technology at the Kansas Development Finance Authority, a corporate finance entity that uses XenDesktop. Citrix integrated XenDesktop on top of an open API stack, which enables more secure browsing, among other benefits, Kater said.

“[Citrix’s] API stack on [Bitdefender Hypervisor Introspection] allows me to have file protection baked into the image, but also have memory introspection actually living one layer beneath the hypervisor, and so, virtually, we’re impenetrable,” he said. “I deny all rogue access. I was only able to get that with XenDesktop.”

Security is one of several aspects of Citrix’s virtual app and desktop offering that draw customers, according to Thomas Berger, senior product marketing manager at Citrix.

“It offers the best user experience for any application and user data over any network and on any device,” Berger said. “Its context-aware security is stronger and more flexible. And its specialized built-in support and management tools make management simpler and more efficient and agile.”

Citrix is also moving ahead when it comes to delivering graphics to virtual desktops. The company allows GPU-accelerated VMs to float dynamically among hosts so IT pros don’t have to shut down a VM when it moves to a new host. VMware offers a similar capability in vSphere 6.7 where IT pros can suspend desktop sessions to migrate GPU-accelerated VMs from one server to another.

Ultimately, though, it’s the customer-first approach that attracted Kater to XenDesktop, he said.

“They want to make sure you’re a happy customer,” Kater said. “If the customer has a request, Citrix works overtime trying to fix that and resolve that in future releases.”

Customer support is a strong element of VMware’s offering, as well, Kelley said.

“[VMware was] invested in making sure the vision they sold us was actually what we were going to get,” he said. “They focus on how to make it easier for people to get to the data and the stuff they need to get the work done.”

Is change in the air?

The XenDesktop vs. Horizon battle could shift thanks to a confluence of factors experts said. For starters, last summer, Citrix went through yet another CEO change — its third in five years.

“We do look for strength in the company as a point for how we make some of these decisions,” Kelley said. “[VMware] actually had a fully fleshed out strategy for where the thing was going.”

When you combine the uncertainty with the company [Citrix] with the end of the support for products, fiscally responsible [companies] are going to take a look around and see what else is there.
Zeus Kerravalafounder and principal analyst, ZK Research

In addition, XenDesktop 7.0 reached its end of life on June 30, 2018. When a product reaches the end of its mainstream support, it’s a natural opportunity for customers to consider other options, Kerravala said.

“That opens the door for customers to go,” he said. “When you combine the uncertainty with the company [Citrix] with the end of the support for products, fiscally responsible [companies] are going to take a look around and see what else is there.”

The changes don’t mean that existing customers are running scared, however.

“Everything has fit the bill wonderfully for us,” Kater said. “Citrix is in a good spot. And as long as it continues to innovate, people will take note, and that will smooth things over.”

Still, Kater keeps an eye on how a major change at Citrix would affect his users.

“If something goes end of life, if they sell off a part of their company, I want to make sure that every product they put into production has the ability — with a Citrix tool — to export my images, my products, into a kernel to any other of the major players and [that] they do that,” Kater said.

Citrix Summit 2018: Partners to see simplified program

Citrix plans to collapse five partner incentive programs into a single structure that the company said will simplify the way channel companies apply for incentives.

The unified incentive program, dubbed Citrix Ultimate Rewards, was announced at this week’s Citrix Summit 2018 and will go live Feb. 10. Paul Fecteau, managing director of partner programs and operations at Citrix, said the move marks a “simplification of our partner program structure and the process involved.”

Prior to the restructuring, Citrix operated five program elements: Citrix Advisor Rewards (CAR), CAR Plus, CAR Bonus, Opportunity Registration and Net New Partner-Sourced (NNPS). Fecteau said the components, which have rolled out over the course of 18 years, have all served a purpose in Citrix’s partnering initiative, but added a level of complexity. Partners have to apply separately to each of the five programs, for example.

With the new system, partners can register a deal without having to apply for the individual incentives. Instead, partners provide information on the customers, and the systems’ built-in intelligence determines the discount elements for which a Citrix partner qualifies, according to Fecteau.

“They can register deals … without having to understand the intricacies,” he said.

Citrix joins Cisco and Microsoft as vendors that have moved to streamline their channel programs in recent months. At its 2017 Partner Summit, Cisco discussed the retooling of channel programs targeting its resale partners. The networking vendor said it is taking steps to simplify its specialization portfolio and deal registration efforts. And at its annual channel meetup in July 2017, Microsoft unveiled measures the company said will simplify partner engagement and go-to-market approaches.

Citrix turnaround timeline

Discount and rebate programs

They can register deals … without having to understand the intricacies.
Paul Fecteaumanaging director of partner programs and operations at Citrix

As part of the Citrix Ultimate Rewards revamp revealed at Citrix Summit 2018, partner incentives have been recast as two discount programs, Spark and Drive, and one rebate program, called Accelerate. Accelerate provides a quarterly aggregated rebate. Spark, which Fecteau said is akin to NNPS, rewards partners for identifying and registering new selling opportunities that Citrix didn’t already know about, Fecteau explained.

Drive, meanwhile, is similar to CAR in that it offers rewards to partners that pursue value-selling activities that result in a sale. Value-selling activities include delivering a solution design, scheduling a customer demo or proof of concept, and providing an implementation schedule.

David Henshall, CEO, CitrixDavid Henshall

Beyond program simplification, the Citrix partner program changes also aim to accelerate partners’ profit in the cloud, while still rewarding them for on-premises business, Fecteau said. In 2018, partners will earn rebates based on selling Citrix Cloud services and product sales growth.

Fecteau said the cloud-related rebate is the first time Citrix has established a rebate specifically for cloud sales. But any combination of cloud sales expansion and on-premises product revenue growth will earn partners a rebate, he added.

Also at Citrix Summit 2018

Partners attending at Citrix Summit 2018 will hear keynoters, including Citrix President and CEO David Henshall, talk about the company’s overall strategy.

Conference sessions are organized around a handful of tracks, including sales, technical, marketing and Citrix service provider.

The Citrix partner conference, held in Anaheim, Calif., concludes Jan. 9.

New Citrix ShareFile features automate workflows

Recent updates to Citrix ShareFile features aim to make it easier for employees to complete common workflows.

ShareFile this month got updates to its customizable workflow feature that allows organizations to store workflow data on premises. Workflow capabilities have become more common in content management tools, and Citrix’s enterprise file sync and share (EFSS) offering may pique the interest of organizations where employees repeat certain business processes.

“For transaction-based businesses, the workflow feature could be quite useful — [for example], a real estate transaction that requires multiple reviews and approvals,” said Jo Harder, a cloud architect and analyst at TVP Strategy.

 ShareFile also added support for information rights management for cloud customers and a new migration service for moving from other storage systems.

What’s new with Citrix ShareFile Workflow

The ShareFile workflows feature, which allows users to carry out common tasks such as submitting requests and making approvals, came out for the web version of the service in 2016 and became generally available for its mobile apps in June. Integration with Citrix’s Secure Forms app development tool allows organizations to create custom workflows that aim to streamline repeated processes people do manually. It also allows organizations to set custom triggers that cause an action, such as alerting a manager by email when an employee fills out a form that requires approval.

Before this latest ShareFile update, the custom workflows were only available for data stored in Citrix-managed cloud storage; now, organizations can store the data on premises.

We are very heavy on trying to automate processes.
Michael Thompsonsystems engineer at a managed services provider

IT professionals and end users can create workflows in ShareFile using templates. Once a person builds a form, he or she grants a user or group of users permission to access it. Users can then access the forms they’re approved to use from the ShareFile Workflow app, which is available on desktop or mobile and is separate from their stored documents in the ShareFile app.

This capability would be useful for handling project management documents that employees constantly send back and forth among themselves for reviewing and signing, said Michael Thompson, a systems engineer at a managed services provider with several hundred employees who manage more than 30,000 customer sites.

“We are very heavy on trying to automate processes as much as possible for the minutia that you get tasked with day to day, so that’s a big deal to us,” he said.

The MSP uses ShareFile today for sharing documents, but employees use encrypted email to send and sign project management documents and service agreements.

“That works OK, but ShareFile fits that bill better,” Thompson said.

Custom workflow ShareFile features are included in the premium and platinum editions of the service.

Citrix ShareFile Workflow
An example of a workflow form created with Citrix ShareFile.

More new ShareFile features

Citrix also added a service to help organizations migrate data from legacy file servers to Citrix-managed storage zones. The offering, aimed at companies with large amounts of data, allows new or existing ShareFile customers to schedule a time to migrate data that will have the least effect on user productivity.

Additionally, the information rights management (IRM) capability Citrix announced last year will now be available for Citrix-managed cloud storage, not just on-premises storage. IRM ensures that any file encrypted and requiring authentication in ShareFile remains that way no matter where it lives.

The latest ShareFile update also brings several minor new features to its Microsoft Outlook plug-in and a new add-on for Outlook on Apple macOS and Outlook Online.

ShareFile’s role in the EFSS market

Other EFSS products also offer workflow capabilities, such as Box’s Relay feature. A couple aspects differentiate Citrix ShareFile, however, including the ability to take advantage of mobile app templates in Secure Forms and allow for IT management through Citrix Workspace. Another leg up is Citrix’s ownership of RightSignature, an e-signature software similar to DocuSign that provides secure signing functionality users can incorporate into the workflows, Harder said.

Still, the future of ShareFile has been somewhat unclear after Citrix laid off hundreds of employees, including many in the ShareFile business, last month. At that time, CEO David Henshall said the company would focus ShareFile more on the enterprise market rather than SMBs.

Gartner’s 2017 Magic Quadrant for content collaboration (formerly the EFSS quadrant) placed Citrix as a leader but ranked its “ability to execute” lower than that of Box, Dropbox and Microsoft.

“Competition is definitely heating up,” Harder said.