Secure Remote Worker’s Write Filter

Hi all, we are coming at you again with another blogpost, this time to let you know about our new feature for Secure Remote Worker, in our 6.0 release.

Built to provide a greater level of security and assist in achieving PCI, HIPAA and GDPR compliance, Secure Remote Worker’s write filter will allow for a clinical level of separation between the Secure Remote Worker session and end user’s personal machine. Thanks to the great effort of our dev team,  Secure Remote Worker will allow you to utilize this write filter functionality on all personal Windows devices.

In this post we will be going through:

  • Secure Remote Worker for those who may not know about it
  • The new write filter &  how it works
  • A few points as to why this new version of Secure Remote Worker is an ideal solution for BYOD and Remote Working scenarios

Secure Remote Worker overview

So first, for anyone who doesn’t know, Secure Remote Worker is a secure digital workspace for personal devices. The solution can be used to provide endpoints for both BYOD and remote working scenarios.

Secure Remote Worker presents itself as an application on the end-user’s personal device. Once Secure Remote Worker is launched, the user is logged out of their local session and launched into a new secure session with no access to their OS. The user can only work within their provided workspace, and once finished simply log out of their secure session and are returned to their personal device, with complete freedom to do as they like.

Work from home easily on personal devices with Secure Remote Worker

Secure Remote Worker allows you to manage your workers centrally, regardless of their location. Deployment of the software can also be done centrally, and, due to an easy and quick installation process, user onboarding is much faster.

The solution also makes life easier for administration outside of central management, as the device options that are available in the secure UI are passed through from the local device. End-user familiarity means less calls to support for problems that the user can fix themselves.

With tools included with Secure Remote Worker, such as the Validation Tool or the Virtual Desktop Agent, you can ensure from your central management that the endpoints which your end-users are introducing into your workplace are secure and up to your organization’s device health standards.

Secure Remote Worker is a cost-effective alternative to device procurement and distribution by allowing end users to utilize their own personal devices, while still ensuring they are working from a centrally managed endpoint, and maintaining a security compliant environment.

Secure Remote Worker’s Write Filter

Secure Remote Worker’s write filter is a new feature we are bringing with 6.0. It helps to protect your system by redirecting any writes to the drive within Secure Remote Worker to a virtual overlay within a temporary location. The overlay is destroyed upon ending the secure remote worker session (where auxiliary applications, downloads or device settings will all be removed and reset).

It allows admins to maintain a unified and clean experience for their user’s work environments.

How is this achieved?

Secure Remote Worker’s Write Filter works on any volume where your Windows OS is installed.

Sitting on top of the volume, our write filter intercepts file requests from any application. It functionally will scan to see if any change is being attempted on the disk. If the write filter concludes that a change is attempting to be performed on the volume in question, the write filter moves the request to a VFS (virtual file system), backed by a virtual hard disk. Recent changes will be accessible inside the Secure Remote Worker session while the user is still logged in. However, the moment you close SRW, the VFS is destroyed along with the requests made during the SRW session.

This ensures you can carry nothing over when you return to your own personal device and are back to a clean slate upon returning to your Secure Remote Worker session.
Applications and the users utilizing them will not be able to tell the difference between the VFS and the main volume when attempting to save changes or install applications, the only difference they will notice is that once their session ends nothing has been carried over or saved for the next session.

Avoid data leakage, utilize central management & more

Data Leakage
With Secure Remote Worker’s Write Filter, risk of data leakage is exponentially reduced. Data cannot simply be copied to working documents and accessed outside of Secure Remote Worker.
This focus on data leakage would be one of the main differences between our Write filter and something like Windows 10’s Unified Write Filter. UWF works on the local machine to keep the OS clean, normally intended for shared machines that would be locked down by group policy.

Secure Remote Worker’s Write Filter ensures that no changes can occur in the secure session when working, and that no data can be carried over to the personal machine post secure session.
An employee, for example, with access to sensitive financial information would be unable to transfer data outside of the workspace, maintaining standards for PCI compliance within your BYOD/remote worker deployment.

Central Management
The Secure Remote Worker Write Filter will be accessible through the profile editor, within the Endpoint Security section, as an optional feature that can be turned on or off. You also have the ability to specify the size of the virtual drive that the write filter will use while the session is active, this can be any size within the limitations of the volume OS.

Profile editor write filter thinscale management console

As it is configured using the profile editor, this means that the write filter can be set on your SRW devices from the ThinScale Management Platform, so you can easily control what device deployments will be secured with the write filter.

Any Windows Endpoint
As mentioned, the main difference between the Secure Remote Worker write filter and others is that our write filter works within the Secure Remote Worker framework, it is intended to prevent information to be saved to the users workspace as well as preventing data from being moved to the local endpoint. The write filter is a feature that works within Secure Remote Worker specifically, independent of the OS version. As such Secure Remote Worker and it’s write filter will run and be supported on on any X64/86 device running Windows 7, 8, 8.1, or any edition of 10.

With the Secure Remote Worker’s write filter, the separation between personal and corporate device is even stronger. Once an end-user is in Secure Remote Worker, there is no way for them to save anything within the workspace, ensuring not just security but reliability in performance.

Curious about how this Write Filter can impact your remote working deployment? Get in touch with us below!


Ready to see it in action?