Desktop Virtualization - Improved End Point Security and Business Continuity
End point security is one of the biggest network security challenges that IT departments of most organizations are grappling with today. We have a variety of client security solutions available in the market. Most of them are very comprehensive. However, they are pretty complex to implement and manage. Since IT department may not have full control over the terminals that users may be using to connect to the company network (e.g. non-company issued home computers), it is possible that secure configuration requirements are not fully met or are even bypassed by users. In some cases, the end-point security systems and policies may not allow devices not meeting security criteria to connect to the corporate network. This situation may negatively impact worker productivity and also undermine the philosophy of providing secure access to remote and roaming users.
I believe virtual desktops have a great role to play in these scenarios. Virtual desktops will greatly help in:
- Supporting remote workers through secure virtual machines particularly workers who connect to company network by using non-company issued equipment
- Company policy and regulatory compliance
- Handling disruptions, particularly in cases where existing work facilities cease to be accessible to workers because of incidents like Riots, Adverse Weather, Fire and so on. Securely configured Virtual machines may be run from home computers or from computers located at disaster recovery service provider’s facilities
- Safeguarding against stolen laptops, lost USB disks
Modern virtualization technology allows desktop images to stored at central servers accessible through thin clients or regular desktops and laptops and also allows secure, encrypted, locked down virtual machines to be distributed to users. The distributed machines can be configured with approved applications with appropriate security policies enforced. Furthermore, using technologies like VMWare ACE Workstation, the virtual machine images can be configured to self destruct or disable after a defined period of time.
Companies like Tresys have taken then virtual machine security to next level and have also successfully productized their offerings. Their solution, based on secure linux (seclinux) meets stringent US department of defence security requirements.
Since, virtual machines are encapsulated in a single or set of files, they can be easily backed up by users to DVDs or USB storage media. This greatly helps in improving business continuity as these files can potentially be run from any computer located at users home or from another location. Hence virtual machines provide a lot of flexibility to organizations and vastly improves their capability to function during disruptions where regular work facilities may not be available.
Though desktop virtualization has been slow to take off, the adoption rates of this technology may pick up pace with key players like Microsoft and Citrix moving into this space. Microsoft has recently acquired an enterprise desktop virtualization player Kidaro. Citrix, with its Access Gateway and Xen Desktop solution offers a way to leverage benefits of application and desktop virtualization to its customers.
These technologies may give a completely new meaning to telecommuting and temping while positively impacting IT cost.
Who knows, we may soon see days where companies do not maintain any client side equipment (read desktops and laptops). They may choose to run their operations only through virtual images while users bring in their own equipment.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Leave a Reply