Data flow: Accessing a cloud-based application or Internet destination
This data flow describes how data travels between devices and a cloud-based SaaS application or public Internet destination using
- The user enables Work Mode and opens an app and attempts to access a cloud-based application or destination over the public Internet.
- TheCylancePROTECT Mobileapp forAndroidoriOSor theCylanceGATEWAYagent forWindowsormacOSon the device sends the encrypted data through a secure tunnel toCylanceGATEWAYin theBlackBerry Infrastructure.
- CylanceGATEWAYperforms the following actions:
- Determines, based on the access control list (ACL) rules, whether the user has access to that location.
- If the user has access, sends the data to the SaaS application or allows access to the Internet destination.
- If source IP pinning is enabled, the SaaS application verifies that the connection is coming from an IP address that is associated with yourCylanceGATEWAYtenant before allowing access.