Tag Archives: Connected Workspaces

Chrome OS joins forces with VMware to accelerate the adoption of Chromebooks in the enterprise

From using Windows to web to mobile apps, our Chrome OS enterprise customers will now benefit from an extended partnership with VMware, which we announced today at Dell EMC World. The collaboration includes integration with VMware Workspace ONE, allowing customers to easily and securely deploy applications on Chrome OS devices.

Workspace ONE adds to the existing security of Chrome devices, which are designed with security in mind from boot up to shut down. Multiple layers of protection are built in to every Chromebook, ranging from encrypted data and platform storage, a Verified Boot process, sandboxing of all applications and security modules such as TPM chips. With the combined forces of Workspace ONE and Chrome OS, that security extends to virtualized applications to run your business.

Dell Chromebook VMware Workspace ONE

Workers gain access to more work applications through VMware Horizon desktop virtualization along with an added bonus: one click authentication and application management. Workspace ONE on Chromebooks and other Chrome OS devices simplifies the secure login process with SSO, or single sign on. Employees can then access the applications they need to get work done through a managed software catalog.

Sumit Dhawan, senior vice president and general manager, End-User Computing, VMware says “We believe the combination of VMware Workspace ONE and Chrome OS will provide increased security and accessibility to applications for customers using the platform. This is just the first step in our collaboration on this platform with more to come.”

IDC estimates that by 2018, 25% of Fortune 500 companies will have IT-supported Chromebooks deployed in their organization thanks to the speed, simplicity and shareability of secure Chromebooks. Find out why and learn more about how Chrome device security combined with simple to manage devices and the new Workspace ONE solution can empower your workforce today.

Chrome OS joins forces with VMware to accelerate the adoption of Chromebooks in the enterprise

From using Windows to web to mobile apps, our Chrome OS enterprise customers will now benefit from an extended partnership with VMware, which we announced today at Dell EMC World. The collaboration includes integration with VMware Workspace ONE, allowing customers to easily and securely deploy applications on Chrome OS devices.

Workspace ONE adds to the existing security of Chrome devices, which are designed with security in mind from boot up to shut down. Multiple layers of protection are built in to every Chromebook, ranging from encrypted data and platform storage, a Verified Boot process, sandboxing of all applications and security modules such as TPM chips. With the combined forces of Workspace ONE and Chrome OS, that security extends to virtualized applications to run your business.

Dell Chromebook VMware Workspace ONE

Workers gain access to more work applications through VMware Horizon desktop virtualization along with an added bonus: one click authentication and application management. Workspace ONE on Chromebooks and other Chrome OS devices simplifies the secure login process with SSO, or single sign on. Employees can then access the applications they need to get work done through a managed software catalog.

Sumit Dhawan, senior vice president and general manager, End-User Computing, VMware says “We believe the combination of VMware Workspace ONE and Chrome OS will provide increased security and accessibility to applications for customers using the platform. This is just the first step in our collaboration on this platform with more to come.”

IDC estimates that by 2018, 25% of Fortune 500 companies will have IT-supported Chromebooks deployed in their organization thanks to the speed, simplicity and shareability of secure Chromebooks. Find out why and learn more about how Chrome device security combined with simple to manage devices and the new Workspace ONE solution can empower your workforce today.

How the World Bank is mobilizing their workforce with Android

Since formally launching enterprise support in Android two years ago, we’ve seen an explosion in the way companies are using mobile devices to evolve their businesses.

The World Bank Group, which provides financial and technical assistance to developing countries, was one of the first to mobilize their workforce with Android’s built-in enterprise features. With about 30% of their employees traveling at a given time, productivity on-the-go is critical for the Washington D.C.-based institution. After adopting the enterprise features, the World Bank has been able to provide a full set of internal and third-party mobile apps through the managed Google Play Store, allowing employees to work from anywhere. All applications are delivered and configured automatically through Google Play, so users don’t need to set up apps.

Employees have a choice between corporate-provisioned or personally-enabled Android phones that provide users with first-class mobile-enhanced capabilities. By using Android’s work profile and VPN support, employees can access sensitive data and keep it secure and separate from personal information. And with the availability of dual SIM devices, many users have been able to ditch a second device and work with one Android phone to communicate abroad and at home.

The native capabilities in Android allow the World Bank to manage its devices through our partner MobileIron in a consistent way, reducing complexity and the cost of support. As part of their migration to modern enterprise management APIs and the managed Google Play Store, they’re able to follow Android’s enterprise best practices for secure deployments, such as blocking installation of apps from unknown sources.

The World Bank is a leading example of how organizations can leverage the built-in enterprise features in Android to securely expand mobility and make employees more productive. 

To learn about the enterprise and security features in Android and how they can work for your organization, check out MobileIron Live this week in Santa Clara or MobileIron Live in Berlin June 1-2, where Android leaders will be presenting in various keynote and technical track discussions.


How the World Bank is mobilizing their workforce with Android

Since formally launching enterprise support in Android two years ago, we’ve seen an explosion in the way companies are using mobile devices to evolve their businesses.

The World Bank Group, which provides financial and technical assistance to developing countries, was one of the first to mobilize their workforce with Android’s built-in enterprise features. With about 30% of their employees traveling at a given time, productivity on-the-go is critical for the Washington D.C.-based institution. After adopting the enterprise features, the World Bank has been able to provide a full set of internal and third-party mobile apps through the managed Google Play Store, allowing employees to work from anywhere. All applications are delivered and configured automatically through Google Play, so users don’t need to set up apps.

Employees have a choice between corporate-provisioned or personally-enabled Android phones that provide users with first-class mobile-enhanced capabilities. By using Android’s work profile and VPN support, employees can access sensitive data and keep it secure and separate from personal information. And with the availability of dual SIM devices, many users have been able to ditch a second device and work with one Android phone to communicate abroad and at home.

The native capabilities in Android allow the World Bank to manage its devices through our partner MobileIron in a consistent way, reducing complexity and the cost of support. As part of their migration to modern enterprise management APIs and the managed Google Play Store, they’re able to follow Android’s enterprise best practices for secure deployments, such as blocking installation of apps from unknown sources.

The World Bank is a leading example of how organizations can leverage the built-in enterprise features in Android to securely expand mobility and make employees more productive. 

To learn about the enterprise and security features in Android and how they can work for your organization, check out MobileIron Live this week in Santa Clara or MobileIron Live in Berlin June 1-2, where Android leaders will be presenting in various keynote and technical track discussions.


Fraikin’s road warriors work anywhere with Chrome devices

Editor’s note: Today’s blog post comes from Franck Lerivrain, Development Manager at Fraikin, one of Europe’s largest commercial vehicle rental and fleet management companies. Fraikin uses Chromebooks, Chromebases and G Suite to enable mobile employee productivity and to reduce IT maintenance efforts.

Every day, Fraikin’s 57,000 trucks travel thousands of miles across Europe, Asia and the Middle East, delivering everything from fresh produce to hospital supplies and newspapers. In France, where we operate 135 branch offices, we want our office employees to be as mobile as our drivers and trucks. They can do their best work when they can go on the road to meet with customers, maintain trucks, and travel between our truck rental locations. Now that we’re building workstations based on Chromebooks and Chromebases, we can give workers access to the applications they need, inside and outside the office.

Before we began using G Suite and Chrome devices, employees used 1,500 PCs in our offices throughout France. The computers ran local versions of the software that employees needed to do their jobs, such as vehicle booking management tools, accounting solutions, and customer databases. Our IT team spent many hours updating and troubleshooting the machines, often traveling to branch offices to keep the PCs up and running.
We can give workers access to the applications they need, inside and outside the office.

Accessing legacy enterprise applications was difficult for employees. They could only use the applications on their own workstations, not on laptops or phones. We have 400 sales reps in France, and they’re usually traveling to meet customers at their own offices. The sales reps couldn’t log into our databases to update customer records until they arrived back at branch offices, nor could they look up information to answer questions from customers.

Acer Chromebase

We needed to swap out the PC workstations for tools that were more flexible, and didn’t demand as much attention from our IT team. These goals were part of our virtual device infrastructure (VDI) initiative, which we hoped would modernize our branch-office technology and allow employees to work even when not at their desks. We’re replacing all 1,500 PCs with all-in-one Chromebases, as well as Chromebooks for employees who need laptops.

As we roll out Chromebooks and Chromebases to French branch offices, we’ll make it easy for employees to find the applications they need, like Google Docs and Google Drive, through the Chrome browser. We’re using Syspertec’s Virtel Web Access, installed on our mainframe computer system, to allow employees to access our legacy applications through Virtel’s thin client emulator. Virtel Web Access replaced software previously installed on each computer to connect people to applications hosted on the mainframe system. Now, anywhere there’s a Chrome browser – on Chromebooks, Chromebases, or Android phones – employees can find G Suite and other enterprise applications and start working.

We expect that the cost of purchasing and maintaining Chromebooks and Chromebases will be only a fifth of the cost of the old PC workstations. Much of the savings will come from reduced maintenance. In addition, we’ll save on the cost of the old software we needed to connect to the mainframe. My IT staff won’t need to travel to branch offices as often, since we can update software from our home office. Employees can simply log in through Chrome and access the latest software, without any action on their end. G Suite is updated automatically, so that’s another maintenance task we can cross off our list.

Our sales teams may benefit the most from flexible hardware and software. They now use Android phones, so if they’re at a customer site and need to look up rental pricing or truck specs, they can find it in just a few taps instead of driving back to the office. Our employees’ new mobility is the right match for a company that’s all about staying on the road and keeping business moving.

Fraikin’s road warriors work anywhere with Chrome devices

Editor’s note: Today’s blog post comes from Franck Lerivrain, Development Manager at Fraikin, one of Europe’s largest commercial vehicle rental and fleet management companies. Fraikin uses Chromebooks, Chromebases and G Suite to enable mobile employee productivity and to reduce IT maintenance efforts.

Every day, Fraikin’s 57,000 trucks travel thousands of miles across Europe, Asia and the Middle East, delivering everything from fresh produce to hospital supplies and newspapers. In France, where we operate 135 branch offices, we want our office employees to be as mobile as our drivers and trucks. They can do their best work when they can go on the road to meet with customers, maintain trucks, and travel between our truck rental locations. Now that we’re building workstations based on Chromebooks and Chromebases, we can give workers access to the applications they need, inside and outside the office.

Before we began using G Suite and Chrome devices, employees used 1,500 PCs in our offices throughout France. The computers ran local versions of the software that employees needed to do their jobs, such as vehicle booking management tools, accounting solutions, and customer databases. Our IT team spent many hours updating and troubleshooting the machines, often traveling to branch offices to keep the PCs up and running.
We can give workers access to the applications they need, inside and outside the office.

Accessing legacy enterprise applications was difficult for employees. They could only use the applications on their own workstations, not on laptops or phones. We have 400 sales reps in France, and they’re usually traveling to meet customers at their own offices. The sales reps couldn’t log into our databases to update customer records until they arrived back at branch offices, nor could they look up information to answer questions from customers.

Acer Chromebase

We needed to swap out the PC workstations for tools that were more flexible, and didn’t demand as much attention from our IT team. These goals were part of our virtual device infrastructure (VDI) initiative, which we hoped would modernize our branch-office technology and allow employees to work even when not at their desks. We’re replacing all 1,500 PCs with all-in-one Chromebases, as well as Chromebooks for employees who need laptops.

As we roll out Chromebooks and Chromebases to French branch offices, we’ll make it easy for employees to find the applications they need, like Google Docs and Google Drive, through the Chrome browser. We’re using Syspertec’s Virtel Web Access, installed on our mainframe computer system, to allow employees to access our legacy applications through Virtel’s thin client emulator. Virtel Web Access replaced software previously installed on each computer to connect people to applications hosted on the mainframe system. Now, anywhere there’s a Chrome browser – on Chromebooks, Chromebases, or Android phones – employees can find G Suite and other enterprise applications and start working.

We expect that the cost of purchasing and maintaining Chromebooks and Chromebases will be only a fifth of the cost of the old PC workstations. Much of the savings will come from reduced maintenance. In addition, we’ll save on the cost of the old software we needed to connect to the mainframe. My IT staff won’t need to travel to branch offices as often, since we can update software from our home office. Employees can simply log in through Chrome and access the latest software, without any action on their end. G Suite is updated automatically, so that’s another maintenance task we can cross off our list.

Our sales teams may benefit the most from flexible hardware and software. They now use Android phones, so if they’re at a customer site and need to look up rental pricing or truck specs, they can find it in just a few taps instead of driving back to the office. Our employees’ new mobility is the right match for a company that’s all about staying on the road and keeping business moving.

Fraikin’s road warriors work anywhere with Chrome devices

Editor’s note: Today’s blog post comes from Franck Lerivrain, Development Manager at Fraikin, one of Europe’s largest commercial vehicle rental and fleet management companies. Fraikin uses Chromebooks, Chromebits and G Suite to enable mobile employee productivity and to reduce IT maintenance efforts.

Every day, Fraikin’s 57,000 trucks travel thousands of miles across Europe, Asia and the Middle East, delivering everything from fresh produce to hospital supplies and newspapers. In France, where we operate 135 branch offices, we want our office employees to be as mobile as our drivers and trucks. They can do their best work when they can go on the road to meet with customers, maintain trucks, and travel between our truck rental locations. Now that we’re building workstations based on Chromebooks and Chromebits, we can give workers access to the applications they need, inside and outside the office.

Before we began using G Suite and Chrome devices, employees used 1,500 PCs in our offices throughout France. The computers ran local versions of the software that employees needed to do their jobs, such as vehicle booking management tools, accounting solutions, and customer databases. Our IT team spent many hours updating and troubleshooting the machines, often traveling to branch offices to keep the PCs up and running.
We can give workers access to the applications they need, inside and outside the office.

Accessing legacy enterprise applications was difficult for employees. They could only use the applications on their own workstations, not on laptops or phones. We have 400 sales reps in France, and they’re usually traveling to meet customers at their own offices. The sales reps couldn’t log into our databases to update customer records until they arrived back at branch offices, nor could they look up information to answer questions from customers.

Chrome OS.png

We needed to swap out the PC workstations for tools that were more flexible, and didn’t demand as much attention from our IT team. These goals were part of our virtual device infrastructure (VDI) initiative, which we hoped would modernize our branch-office technology and allow employees to work even when not at their desks. We’re replacing all 1,500 PCs with Chromebits that plug in to monitors, as well as Chromebooks for employees who need laptops.

As we roll out Chromebooks and Chromebits to French branch offices, we’ll make it easy for employees to find the applications they need, like Google Docs and Google Drive, through the Chrome browser. We’re using Syspertec’s Virtel Web Access, installed on our mainframe computer system, to allow employees to access our legacy applications through Virtel’s thin client emulator. Virtel Web Access replaced software previously installed on each computer to connect people to applications hosted on the mainframe system. Now, anywhere there’s a Chrome browser – on Chromebooks, connected Chromebits, or Android phones – employees can find G Suite and other enterprise applications and start working.

We expect that the cost of purchasing and maintaining Chromebooks and Chromebits will be only a fifth of the cost of the old PC workstations. Much of the savings will come from reduced maintenance. In addition, we’ll save on the cost of the old software we needed to connect to the mainframe. My IT staff won’t need to travel to branch offices as often, since we can update software from our home office. Employees can simply log in through Chrome and access the latest software, without any action on their end. G Suite is updated automatically, so that’s another maintenance task we can cross off our list.

Our sales teams may benefit the most from flexible hardware and software. They now use Android phones, so if they’re at a customer site and need to look up rental pricing or truck specs, they can find it in just a few taps instead of driving back to the office. Our employees’ new mobility is the right match for a company that’s all about staying on the road and keeping business moving.

Mobility best practice in connected workspaces: tiered access at Google

How does Google manage its own devices? With a huge range of devices on multiple platforms used by over 61,000 employees, it’s no small feat.

Google’s Technical Infrastructure organization is tasked with protecting employees against sophisticated adversaries, while ensuring that corporate security practices do not interfere with Google’s culture of innovation, freedom and flexibility. It accomplishes this with a tiered access security model that categorizes corporate services and devices into trust tiers to determine access.  

Today, we are sharing details about our tiered access approach so that IT admins can use it to deploy devices in their organizations.

In contrast to traditional security models, tiered access looks at a wide range of variables to make granular decisions regarding access. These variables go beyond simple user authentications—for example, device state, group permissions and required level of trust for a particular employee role are all taken into account.

First, internal services are associated with a trust tier according to the sensitivity of the data. A service can have one minimum trust tier or a more granular model of access where components and/or capabilities (e.g. read or write access) have different minimum trust tiers based on risk.

How Google Uses Tiered Access to Secure Devices

Second, as resource requests are made from devices, user credentials are verified and the state of the device is queried to assess its risk profile. On successful user verification, access to services is granted only if the assessed risk profile of the device matches the required trust tier.

When implementing tiered access, there are three main components to consider:

  • Client base and data sources: what is the composition of your organization’s fleet of devices and what data do you have about them?

  • Access intelligence and gateways: what technology can you use to evaluate a set of policies and make access decisions? How close to when some attempts to access information can these decisions be made?

  • Services to be accessed: what services need access controls and how will you classify the sensitivity of those services?

For Google, tiered access is a powerful tool that goes hand in hand with a larger project called BeyondCorp, which challenges the traditional security assumptions that private or “internal” IP addresses represented a “more trusted” device than those coming from the internet, and is now available as a GCP service called Identity-Aware Proxy (IAP).

To learn more about taking a similarly dynamic, flexible approach to security when planning device deployments, check out the second edition in Google Cloud’s best practice series, which shares recommendations for IT decision-makers deploying Android and Chrome devices.


Mobility best practice in connected workspaces: tiered access at Google

How does Google manage its own devices? With a huge range of devices on multiple platforms used by over 61,000 employees, it’s no small feat.

Google’s Technical Infrastructure organization is tasked with protecting employees against sophisticated adversaries, while ensuring that corporate security practices do not interfere with Google’s culture of innovation, freedom and flexibility. It accomplishes this with a tiered access security model that categorizes corporate services and devices into trust tiers to determine access.  

Today, we are sharing details about our tiered access approach so that IT admins can use it to deploy devices in their organizations.

In contrast to traditional security models, tiered access looks at a wide range of variables to make granular decisions regarding access. These variables go beyond simple user authentications—for example, device state, group permissions and required level of trust for a particular employee role are all taken into account.

First, internal services are associated with a trust tier according to the sensitivity of the data. A service can have one minimum trust tier or a more granular model of access where components and/or capabilities (e.g. read or write access) have different minimum trust tiers based on risk.

How Google Uses Tiered Access to Secure Devices

Second, as resource requests are made from devices, user credentials are verified and the state of the device is queried to assess its risk profile. On successful user verification, access to services is granted only if the assessed risk profile of the device matches the required trust tier.

When implementing tiered access, there are three main components to consider:

  • Client base and data sources: what is the composition of your organization’s fleet of devices and what data do you have about them?

  • Access intelligence and gateways: what technology can you use to evaluate a set of policies and make access decisions? How close to when some attempts to access information can these decisions be made?

  • Services to be accessed: what services need access controls and how will you classify the sensitivity of those services?

For Google, tiered access is a powerful tool that goes hand in hand with a larger project called BeyondCorp, which challenges the traditional security assumptions that private or “internal” IP addresses represented a “more trusted” device than those coming from the internet, and is now available as a GCP service called Identity-Aware Proxy (IAP).

To learn more about taking a similarly dynamic, flexible approach to security when planning device deployments, check out the second edition in Google Cloud’s best practice series, which shares recommendations for IT decision-makers deploying Android and Chrome devices.


Système U connects supermarket workers with Chrome and G Suite

Editor’s note: Today’s blog post comes from Philippe Bonnet, G Suite Advisor and Senior Consultant at Système U, a cooperative organization of 1,500 independent supermarkets across France. Système U began as a bread cooperative founded in Western France in 1894, before its creation in 1983. The company adopted Google Chrome browser and G Suite in  2013 to save time for each cooperative team and to allow supermarket employees to work together more efficiently.

Most of Système U’s 60,000 employees interact with customers throughout the work day. In Paris, they roam store aisles helping customers find the groceries they need. In Clermont l'Herault in the South, they may be unloading deliveries. Or in Mulhouse in the East, they might be designing and setting up store displays. What they have in common is that they usually don’t sit in front of a computer all day, nor are they IT experts. Any communication and collaboration tools need to fit the way they serve customers—which is why we chose Chrome browser and G Suite.

Systeme U Chromebook G Suite usage

Before we switched to Chrome and G Suite, employees in our 1,500 stores—from large hypermarkets in big cities to small stores in rural areas—used many different email and productivity tools and web browsers. This was also true for employees like me at our corporate headquarters in Rungis, near Paris or at our IT headquarters in Carquefou, near Nantes. Some of us used Outlook for email, some used GroupWise. Management employees couldn’t easily access their email when they traveled out of the office, so they couldn’t keep their projects operating smoothly from the road.

Most employees used Internet Explorer for web access, but not necessarily the same versions. Both office and store employees use web-based applications for the retail industry. Every time a new version of IE was released, the IT team had to spend many hours making sure the apps were compatible with the updated browsers across all versions. IE’s roadmap also wasn’t very clear to our developers; we didn’t know when updates would occur, and optimizing apps to work with IE was time-consuming and expensive.

In 2013, we began our move to the cloud, and specifically Gmail and Chrome. We wanted to be in the cloud where we wouldn’t have to worry about adding servers to manage email, and employees could access their messages from anywhere,  whether walking through stores or commuting to work. We made Chrome our official browser company-wide, and it’s the only browser we now support, which makes our IT team’s job much easier. It’s a much more transparent and flexible browser—we can choose when and how we receive updates and security fixes, so we know what’s coming and when.
Système U IT

We also made the decision to build the apps used by our employees so that they are compatible with Chrome, even as the browser is updated. This is another way we help both employees and IT staff save time, since users don’t need to worry if their everyday apps will work with the browser.

Now that my technical colleagues and I spend less time trying to make apps function with a browser, we have more time for long-term projects, such as rolling out other G Suite products such as Google Drive, Google Slides, and G+. We just wrapped up a pilot project in nine stores with Google Drive, and employees are very enthusiastic about keeping documents in a central place where their co-workers can share them to keep projects moving along at a steady pace. Our 2017 plan is to deploy Google Drive company-wide.

Système U employees work hard enough without asking them to troubleshoot email or app problems. Any collaboration and email tools we provide to them need to be easy to use right away, without extensive training or ramp-up time. Employees don’t need to be tied to their computers, and they can spend more time doing what they do best—meeting and helping customers face to face in the supermarket aisles.