When we started working together with Google a year ago, we saw the same shift our customers were living every day: work moving steadily into the browser. SaaS applications replacing legacy systems. Internal apps becoming web‑based. And a workforce no longer tied to a single device, location, or ownership model.

The question wasn’t whether the browser mattered; that was already clear. The real question was: how do you secure it in a way—without all the cumbersome device-based security controls—that actually works in the modern enterprise?

Over the past year, our partnership with Google has been about answering that question step by step.

Starting with a simple goal: reduce friction without increasing risk

Early on, the focus was clear. Organizations wanted to move away from approaches like publishing a Chrome browser through VDI for basic web access — especially for contractors and third‑party users where they may not be able to secure the device itself — but they couldn’t afford to trade security for convenience.

By using Chrome Enterprise, Google’s secure enterprise browser, and combining Citrix Secure Private Access with its granular ZTNA access controls to internal applications, we began addressing that gap: enabling browser‑native, Zero Trust access that didn’t require new agents, new workflows, or new habits. Users opened Chrome and security policies followed them into the session. And so Citrix Secure Access with Chrome Enterprise was born.

Today, we’re announcing a few new capabilities.

Extending security to unmanaged devices

One of the most important areas of investment over the past year has been unmanaged device access.

When dealing with unmanaged and third‑party devices, many organizations found themselves caught between imperfect options. Issuing corporate managed devices or standing up virtual desktops added significant cost and complexity, especially when the work only occurred in a browser. Extending access through the browser introduced a familiar tension: how to give people flexibility without increasing the risk of data loss.

When work happens on devices that an organization doesn’t fully control, concerns around data loss, malicious software, issues like keylogging, and residual artifacts after a session ends become harder to ignore.

Now, organizations can benefit from encrypted browser cache to further ensure that data cached during secure browser sessions remains protected, even if someone attempts to access it directly through the filesystem on the endpoint.

Additionally, joint customers can further strengthen their browser sessions against malicious software that may exist on unmanaged devices with new anti‑keylogging protections.

Keeping downloaded data secured, without disrupting work

Preventing data loss only works if it doesn’t break the user experience. Another area where that balance matters is file handling.

As browser‑based access becomes the norm, downloaded files shouldn’t fall outside existing governance models. At the same time, users shouldn’t have to change how they work just to stay compliant.

Now organizations can enforce secure document redirection to enterprise content repositories, starting with Google Drive and coming soon to Microsoft OneDrive. With this capability, files downloaded from corporate applications can be automatically redirected to approved, company‑managed storage locations.

The experience remains familiar for users. The outcome remains controlled for organizations. And data stays within the systems designed to protect it.

Recognition that reflects momentum, not a finish line

As this partnership approaches its one‑year mark, it’s encouraging to see both customers and industry analysts acknowledge the progress. Analysts like IDC and GigaOm have recognized the direction Citrix and Google are taking together: securing access where work actually happens, without forcing organizations to choose between experience, cost, and control.

That recognition matters, not as an endpoint, but as validation that the fundamentals are right.

Make secure web access simpler, more cost‑effective, and more aligned with how people actually work.

These new capabilities will be available in early April 2026.

To learn more about Citrix Secure Access, please visit our website and download our guide: How to close the last mile of Zero Trust in the browser.

Disclaimer: This publication may include references to the planned testing, release and/or availability of Cloud Software Group, Inc. products and services. The information provided in this publication is for informational purposes only, its contents are subject to change without notice, and it should not be relied on in making a purchasing decision. The information is not a commitment, promise or legal obligation to deliver any material, code, or functionality. The development, release, and timing of any features or functionality described for products remains at the sole discretion of Cloud Software Group, Inc.