Splashtop Secure Workspace Overview

Secure Access for IT, Third-Parties & Employees

Splashtop Secure Workspace is a platform that provides visibility and control over third-party access, privileged access, application access and theInternet access. In a single-pass architecture, identity is validated, endpoint security posture is enforced, privileged accounts are protected, traffic is verified, filtered, inspected, and isolated from threats. It runs on a patent pending new architecture and ground up security technology stack, so it reduces the friction, deploys faster and perform better than other providers.

Key Features and Capabilities:

Zero Trust Network Access (ZTNA)

• Replaces traditional VPNs with faster, safer, and more resilient network access, securing application access on any network.
• Validates access based on identity, device posture, and contextual factors, supporting BYOD for both managed and unmanaged devices.
• Enforces Zero Trust policies across hybrid workloads, providing secure access through both clientless and device clients.

Privileged Access Management (PAM)

• Secures privileged account credentials with seamless injection, ensuring zero visibility to users, and is complemented by live monitoring and session recording.
• Automates credential management and rotation for Windows/Active Directory, integrating with Secret Vault for secure credential injection.
• Implements Zero Touch Provisioning for seamless integration with existing infrastructure without firewall or routing changes and includes application auto-discovery.

Just-in-Time and On-Demand Access (JIT)

• Integrates with collaboration tools like Microsoft Teams and Slack, offering zero standing privileges and user-friendly access.
• Enables JIT access through hyperlinks or QR codes for various access types, including Zero Trust Network Access, Privileged Access, and Remote Browser Isolation.
• Extends JIT and On-Demand Access to SaaS and non-SSO web applications, implementing Zero Trust policies optimized for third-party access.

Secure Internet Access (SWG, DNS, RBI)

• Delivers advanced threat defense with DNS and URL filtering, cloud controls, SSL inspection, DLP, anti-malware, and extends RBI controls to enforce Zero Trust across all Internet activity.
• Moves Secure Web Gateway to the endpoint for a faster, more reliable experience without traffic detour or friction.
• Broadens SWG, DNS, and RBI controls to include ZTNA and private application access.

Comprehensive SaaS Security

• Implements Zero Trust security measures for SaaS applications to prevent unauthorized access by users or devices to sensitive information.
• Facilitates identity management and identity proxy with Single Sign-On (SAML, OIDC, OAuth2), Multi-Factor Authentication (MFA), and conditional access. Supports Bring Your Own Identity (BYOI) for third-parties.
• Provides comprehensive control over cloud apps with CASB and DLP services, ensuring compliance with data protection laws.
• Integrates Privileged Access Management (PAM) and Remote Browser Isolation (RBI) for a more secure approach, ensuring secure, monitored access to SaaS platforms.

Key Benefits:

Simplify and Secure Access: Our Zero Trust access model ensures secure access to private applications, SaaS applications and network in real-time by enforcing the principle of least privilege. Administrators can easily set up policies within a single control panel to provide end-to-end security, including client security posture, authentication, authorization, conditional access, and privileged access.

Reduce Hardware with Browser-Based Application Access: Our solution provides secure access to web and network applications, including SSH, RDP, VNC, Telnet, and Kubernetes, all through a browser without the need for additional agents to be installed. This is achieved through zero-trust access. Our solution also offers mobile apps and browser extensions to enhance the user experience when accessing browser-based applications.

Simplify Work with Unified Network Access: Our solution guarantees zero-trust private access and internet access through the Splashtop Secure Workspace desktop application, which is available on major operating systems. The Secure Workspace desktop application not only ensures zero-trust network access to SaaS applications, private applications, and the internet, but also enhances the end user experience.

Speed Up User Onboarding and Application Provisioning: Our solution allows IT administrators to rapidly assign various applications (SaaS or private) to different user groups, along with the necessary network and security controls. End users can then access their entitled corporate applications through a unified app launcher, which boosts their productivity. When combined with SSW's Secrets Manager, end users can quickly and securely access their applications without compromising security.

Simplify Identity Access Management (IAM): Our solution includes built-in user and group management, customizable user onboarding, and advanced IAM controls. These controls include conditional authentication, conditional multi-factor authentication, integration with multiple identity providers (including enterprise-based providers such as Google Workspace, Microsoft Azure AD, Okta, and social-based providers such as Facebook, Google, and Microsoft), support for SAML, OIDC, OAuth, and SCIM/JIT provisioning for both users and groups.

Protect Access with Device Enrollment and Posture Enforcement: Device configuration enables administrators to manage the process of enrolling devices, while Device Posture Check improves network security by only allowing employees to connect with devices that meet certain security standards— OS versions, firewall status, disk encryption state, the validity of anti-virus software, and more.

Simplify Deployment with a Zero-Touch Experience: Unlike most ZTNA and VPN solutions that require complicated gateway deployment, firewall/router configuration, or complicated IP address planning within the private network, our solution provides a simple connector deployment model. It has many deployment options to fit your infrastructure and is a zero-touch user experience.

Conveniently Provide Secure Third-party/Privileged Access: Our solution ensures secure access for third parties by utilizing anonymous access links or third-party controlled identity providers, granting access to privileged systems, with session recording for peace-of-mind and compliance, without exposing login credentials to the third-party user.

Influence Secure Behavior with Secure-by-Design Password Management: Our Zero-knowledge password manager for businesses provides secure storage, sharing, and access to login credentials and other sensitive data. The sensitive information is protected by a strong authentication key derived from a master password known only to the user, and Zero Trust policies can be enforced by the IT administrator to protect access to the password and the sensitive data.