Citrix recently announced the coming availability of XenVault - a data protection mechanism for securing offline access to data needed for XenDesktop and XenApp. There are 3 main features/benefits to XenClient.
Encrypted data safe zone
Citrix XenVault Plug-in uses 256 bit AES encryption to protect Citrix XenApp and Microsoft App-V application data and creates encrypted data files in dedicated safe zones on the local device. Contractors, temporary employees and mobile workers get the flexibility to bring their own computer and securely access, store and share application data without compromising the security of the information when working offline.
Centralized IT control
Citrix XenVault Plug-in extends the built-in security protection provided with delivering applications in a hosted virtual environment to include XenApp data encryption on the local device. Now IT can centrally manage encryption with granular application and data access policies, and can easily lock and delete data in the event of loss, theft or termination. Administrators can establish time-based lockout periods and implement self-service password resets-unlocks enhancing user experience while maintaining security and control of the local device.
Citrix Receiver integration
Citrix Receiver is a lightweight software client that runs on laptops, desktops, netbooks, tablets and smartphones-turning any device into a powerful business tool to securely access corporate data anywhere. With Citrix Receiver installed on a device, IT can centrally manage and deliver virtual applications and desktops and keep all software up to date through a single unified experience for users.
Citrix's Joe Nord wrote a very nice technical article explaining how XenVault works here.
Citrix's Harry Labana wrote a use case article that can be found here.
Brian Madden wrote some more thoughts about XenVault here.