Friday Notebook, May 17: Citrix Synergy previews; security in the headlines

Also: BetterCloud; Liquidware app cloaking; more on MSIX AppAttach; Windows XP patch; WhatsApp; mobile security; and more!

This is our weekly log of desktop virtualization, enterprise mobility, and end user computing news.

Our blog posts

Kyle: Citrix Cloud revenue is now over 10% (Citrix Synergy 2019 preview). Citrix Cloud actually looks to be gaining a foothold and shows a promising revenue stream for Citrix while overall growth remains minimal.

Jack: Citrix Synergy 2019: The BrianMadden.com preview. Citrix has to strike a careful balance between their constituencies, but no matter what, we’re looking forward to all the product and strategy news at Citrix Synergy 2019.

Jack: BetterCloud is like Group Policy for your SaaS apps - BrianMadden.com Podcast #139. Now that we’ve addressed mobility and cloud identity, it’s time manage settings within SaaS apps.

Jack: Liquidware plans to do app cloaking in FlexApp 6.8.5. The app management (virtualization, layering, cloaking, etc.) space continues to be super interesting!

Industry news

The top stories this week involved security issues:

  • Microsoft disclosed a remote code execution vulnerability in RDP, and even released a patch for Windows XP and Server 2003. Windows 7 and Server 2008 and 2008 R2 are also affected, but not Windows 8 and 10.
  • WhatsApp patched a zero-day vulnerability that allowed attackers to use VoIP functionality to do remote code execution. Citizen Lab believes that this was used in attacks in the wild, and the software is believed to have come from the NSO Group. This brought up the issue—which we’ve talked about for years—that mobile threat defense agents are limited in how they poke around in mobile OSes.
  • The U.S. Immigration and Customs Enforcement agency is evidently buying GrayKey devices, which can brute force passcodes on older iOS versions via USB. This is a good reminder about the USB restricted mode, and knowing how to instantly disable Face ID and Touch ID by entering Emergency SOS mode.
  • Zombieload is a vulnerability disclosed this week, affecting Intel processors, that’s similar to Meltdown and Spectre. (More via TechCrunch.) Apple, Google, Mozilla, Microsoft, and AWS have all released patches.
  • There was a Bluetooth vulnerability in in Google’s Bluetooth Titan security keys, but it seems pretty difficult to exploit (attackers need physical proximity, plus they’d need your credentials), and Google is providing free replacements.

If anything, all of these are a reminder that we should really think about the actual threat models before we panic, and that security hygiene basics, zero trust, defense in depth, and other concepts are important for a good reason.

IGEL has been touting their software a lot lately, but of course thin client hardware is still a big part of their business, and this week they announced the new IGEL UD2.

Stratodesk will support the NVIDIA Jetson Nano.

The Google Pixel 3a is Android Enterprise Recommended. Years ago, I was intrigued by the idea of the Google Nexus (the Pixel phone predecessor) as an enterprise phone, and the Pixel 3a has many of the same benefits, plus it’s at the right price point for massive deployments at $400. The big question in the consumer tech space has been whether Google really wants to become a hardware powerhouse. The Android management world is way different now, but either way, I think the 3a could be a good enterprise choice.

More reads

Friend of the site and BrianMadden.com contributor Bas van Kaam has posted a useful article covering everything we know about MSIX AppAttach, the next iteration of FSLogix technology revealed last week at Microsoft Build.

VMware hosted an Employee Experience event in Palo Alto this week, along with the results of a survey that shows employees prefer working at companies with a better EUC experience. This is something we’ve been thinking about it for years, going back to all our old consumerization of IT coverage, but it has really got me thinking about how this can be quantified and what else it can mean to our space. Along these lines, I think you could define “workspace” as just a comprehensive, modern EUC strategy. On the other hand, I keep on thinking about this New York piece, Why doctors hate their computers. What does this all mean? I think this is a question that we can always think about, and it happens to be on my mind now. Time to start jotting down notes for a future article.

Citrix Synergy

I’m looking forward to seeing everybody at Citrix Synergy next week. We’ll plan our usual live blog, and we’ll be around through the whole show. If you have something exciting to tell us about or just want to catch up, be sure to come and find Kyle and me.

Also, don’t forget that TechTarget puts on the Best of Citrix Synergy Awards, and the ceremony will be Wednesday at 2:30 p.m. in the Meet the Experts Theater No. 1, in Synergy Park. I’m honored to be the MC and present the awards, plus Citrix’s Tim Minahan will be around to recognize the winners, as well.

Also on Wednesday, I’ll be presenting a session at 4 p.m. in room C105. Technically, this is TechTarget’s sponsored session, but I’ll be giving an industry-neutral presentation on why identity is so important in EUC right now. Plus, there’s going to be a reception.

See you in Atlanta!

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchVirtualDesktop

SearchEnterpriseDesktop

SearchServerVirtualization

SearchVMware

Close