Secure Private Access for Citrix Workspace

When a webpage and its iframes have different policies, we now have a stricter policy implementation. We apply a union of all policies on the entire webpage, including the iframes. However, the watermark is applied to the webpage only.



An administrator can restrict actions such as:

  • Restrict clipboard access: Disables cut, copy, and paste operations between the app and the endpoint’s clipboard.

    Clipboard access Restricted

  • Restrict printing: Disables the ability to print from within the app.

    Printing restricted

  • Restrict downloads: Disables the ability to download from within web and SaaS apps or copy files from the browser.

    Download restricted

  • Restrict upload: Disables the ability to upload files.

    Upload restricted


The restrict upload feature is available on:

  • Windows and later
  • Mac and later
  • Display watermark: Overlays a screen-based watermark that shows the user name and public IP address of the endpoint.


The Restrict navigation option isn’t supported.

App protection policies

  • Restrict keylogging: Protects users from keyloggers.

  • Restrict screen capturing: Disables capturing screenshots or screen recording for the app that this policy is applied to. This policy is applied as long as a protected tab is visible (not minimized) in your browser window.


  • If you apply enhanced security features through the Secure Workspace App panel, the apps open in the Citrix Enterprise Browser.

  • If no enhanced security features are applied, the apps open in the native browser.

Secure Private Access for Citrix Workspace