Embedded co-browsing offers a solution to the possible problem of accessing sensitive content from within your intranet. Sometimes it is simply not possible to access content that may be secured or otherwise inaccessible from within a company’s intranet (which is where the Agent Desk resides).
On a technical level session-specific can be defined as a protected web site with resources that are dynamically generated within the context of the session.
Unblu cannot identify precisely what is and what is not session-specific within your particular business domain. In order to ascertain whether or not something is session-specific you should think about the events you foresee taking place within engagement sessions. For example, anything that is unique or personal to a visitor is almost certainly session-specific: Contracts with names or other personal information, account details, charts or analyses prepared for specific customers, anything describing transactions. Ask yourself: Will there ever be a time when you want to conduct transactions using Unblu? In truth, it is probably simpler to picture a system that does not require the SecureFlow Manager and ask yourself if this is enough. Remember that unless you are absolutely certain that there will never be a single dynamic resource used during a session, you will need the SecureFlow Manager.
Even if you believe that your resources are not session-specific it may still be that some content simply cannot be accessed by Agent Desks sitting behind your firewall. A simple test to ascertain whether the Agent Desk can access such content directly from your web servers can be applied by attempting to load, for example, an icon from the page of your, for example, ebanking solution. If you can access the icon (i.e., it loads into the browser) from the internet but not from your intranet then you probably need to employ the SecureFlow Manager in order to ‘bypass’ whatever policies you have in place to protect the server. (The SecureFlow Manager ensures that the Collaboration Server gets all of its content from the filter in the request queue and never attempts to communicate directly with your servers.)
|Even if you have identified that all of the resources that will be available during a session are ‘static resources’ there may be issues ‘hidden’ within deeper technical processes. The people in your organization closest to those processes will be best placed to make informed judgments as to whether any given resource is static or dynamic.|