Security Experts:

AWS Provides Secure Access to Internal Assets With Amazon WorkLink

Amazon Web Services (AWS) on Wednesday announced the launch of Amazon WorkLink, a service that enables organizations to provide employees easy and secure access to internal websites and applications from their mobile devices without the need for a VPN or custom browser.

When employees install Amazon WorkLink on their mobile devices, they can access their company’s internal assets from the existing browser. On the administration side, WorkLink allows IT admins to select what content they want to make available to employees.

AWS launches Amazon WorkLinkBehind the scenes, when a user attempts to access a corporate website through WorkLink, the requested page is first rendered in a secure container in AWS. The content is then sent from this container to the employee’s device, which eliminates the need to store or cache content locally and to directly access the corporate network.

Using WorkLink also eliminates the need to use sophisticated mobile device management (MDM) solutions and maintain complex infrastructure to provide secure access to internal assets, AWS says.

According to AWS, WorkLink delivers webpages to mobile devices as a fully interactive simple vector graphics (SVG) graphical representation. This means that users can interact with the page as they normally would, but less bandwidth is needed and, since no content is stored on the device, there is no need to remotely wipe it in case it gets lost or stolen.

“At the end of the session, the ephemeral cloud-based web browser disappears, ensuring corporate content only resides within the customer’s network. Because Amazon WorkLink is fully managed, it removes the heavy lifting of software and infrastructure deployment, capacity planning, and scaling, as well as the need for custom browser updates,” AWS explained. “With Amazon WorkLink, mobile devices never connect directly to the corporate network, narrowing the path for device-based malware to reach enterprise resources behind the corporate firewall.”

WorkLink is immediately available in North America and Europe, but AWS expects to expand to other regions over the next year. The service costs $5 per active user per month and can be configured from the AWS Management Console. The iOS app is already available in the Apple App Store and the Android version will be published to Google Play in a few weeks.

The service is powered by Okta and Ping identity solutions, and it works with Safari, with Chrome support expected in the upcoming weeks.

Several companies have already been using Amazon WorkLink, including Intuit, Unisys, Oak Hill Advisors, Brillio, Privo, 8K Miles, and Eplexity.

Related: AWS Security Hub Aggregates Alerts From Third-Party Tools

Related: AWS Adds New Feature for Preventing Data Leaks

Related: AWS Launches New Tools for Firewalls, Certificates, Credentials

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.