The security administrator has no way to activate or deactivate the ability for employees to use the citrix app. As a result, unless the computer is shut down (or logged out) all files are visible on the computer until it is shut down. This will eliminate the employee to have to log in with two factor and will provide full access to the files if the computer is maliciously compromised. This is even more concerning if employee is able to install on their home computer or public computer that is shared. For a company that is built on security, I find this totally unacceptable! Why can't the admin control the use and access capabilities?