Pondering Security And Virtual Desktops0
If you’re like any of the surveyed CIOs from an Information Week article mid 2010, 77% of corporations are currently using or testing solutions for VDI (http://mcaf.ee/c8b2e). But this really doesn’t tell the whole story. Virtual desktops are a disruptive technology, most deployments don’t have an outwardly positive return on investment, and there are a wide variety of options and vendors to review. What I don’t see reflected in the marketing and online dialogues and communities is how does the business have to change their thinking, planning and eventually services to achieve the most from virtual desktops and how this may need to filter down to how one thinks about security.
One of the exciting elements of this technology is breaking out of the ‘one size fits all’ model to delivering true customized workflows. As consumers we are already primed with customized and highly available experiences from app stores, mobile payment and rewards cards, members only limited time sales and discounts, and ability to create feeds of information based on our preferences and history. All of these scream personalization, something large organizations historically have not been good at.
Since the time of Henry Ford, factory mentality has prevailed with a few exceptions for executives or limited classification based on business unit. But future thinking organizations are looking at micro groups that can immediately benefit from virtual desktops. They are embracing the fact that the most valuable asset, and also risk, to the organization is the knowledge worker and are starting to roll-out services and systems that align to their consumer experience and facilitating a more flexible work style. By the way when technology-savy employees are enabled according to an iPass survey they work up to 240 hours more a year. (http://mcaf.ee/49ba7 ).
How should security change? Security can be traditionally measured by the number of threats blocked and days without compromise. This is valuable but many of the issues around security today also need to be driven around policy and acceptable use. Security policy management needs to be flexible and easy to manage to make this successful for enterprises. Unfortunately security and policy management many times is as an afterthought to the design and business requirements.
So you’re thinking of supporting ipads in your organization? What kind of security policy setting is possible? You can deny access to corporate network if the device has been jail broken and you can implement a set of enterprise recommended applications now available with McAfee Enterprise Mobility Manager. If your implementing vdi to an ipad or tablet, say with Citrix XenDesktop, you can ensure virus protection of the vdi workflow with McAfee MOVE AV for VDI, setting the AV security policy per vdi or specific work group. But for enterprises having the ease of management to set these policies and report on compliance is what should matter. You can now report on the device compliance; what applications are installed and issues that make it out of compliance, and also report on the vdi workflow security compliance and virus scanning results.
There are many options and personalization and consumerization can overwhelm an enterprise with complexity. But for an additional six week of potential work or ability to enable business even when Mother Nature wants to declare a snow day is the opportunity for IT.