Using Virtual Desktops as a Data Access Security Solution
— Brought to you by 2X Cloud Computing guest blogger Brien M. Posey —
In the not too distant past, the general assumption was that most corporate applications would be accessed from within the network perimeter. Today this simply is not the case. Application vendors understand that users are far mobile than they once were and that they use a wide variety of devices. As such, many enterprise applications are designed to be accessed remotely (usually through a Web interface).
Although it may be convenient for your end users to have anywhere access to various applications, providing this access is not without risk. Generally speaking, the more resources that you make directly accessible from beyond the network perimeter, the greater the chance that one of those applications will eventually be used as an entry point during a security breach.
What if there were a way to improve dramatically improve security, while still providing users with access to the applications that they need? It can be done, and virtual desktops can help.
Like most things in IT, an organization’s application set tends to evolve over time. A seasoned administrator probably isn’t going to wake up one morning and decide that they need to roll out ten different applications, all of which are externally accessible through a Web interface.
What usually happens instead is that a new version of an application that an organization is already running just happens to have a Web interface feature that makes it externally accessible. As time goes on, new versions of other applications (and newly acquired applications) also end up having Web interfaces that are inevitably made externally accessible. The end result is a cloud like experience in which users can access a variety of different applications.
Eventually, such an organization may decide to make the switch from physical desktops to virtual desktops. Often times administrators choose to make virtual desktops externally accessible so that users can work from home or so that the users can access their corporate desktop while they are traveling.
Because externally accessible applications and virtual desktops tend to be implemented at different times, administrators might not realize that there are multiple paths to a common set of applications. If a user can access private cloud applications through a virtual desktop, do they really need to be able to access that same application from outside of the virtual desktop? Probably not.
If an organization hosts its own virtual desktops and hosts other externally accessible applications itself, then firewall rules can be put into place to block outside access to those applications. Users will still be able to access the applications from within a virtual desktop session, because the virtual desktops themselves reside within the corporate network perimeter. Therefore, a connection to a private cloud application from within a virtual desktop that is also hosted in the same private cloud environment is seen as a local connection. This means that the applications are still accessible to end users, even though direct external access to the applications has been blocked. In essence, the virtual desktop is acting as an application proxy, even though the underlying process is completely transparent.
About Brien M. Posey
Brien Posey is a ten time Microsoft MVP with two decades of IT experience. Prior to becoming a freelance technical writer, Brien served as CIO for a national chain of hospitals and healthcare facilities. He has also worked as a network administrator for some of the nation’s largest insurance companies and for the Department of Defense at Fort Knox.
Since going freelance in 2001, Brien has become a prolific technical author. He has published many thousands of articles and numerous books on a wide variety of topics (primarily focusing on enterprise networking). In addition to his writing, Brien has provided consulting services to clients and speaks at IT events all over the world.
About 2X Software
2X Software is a global leader in virtual desktop and application delivery, remote access and cloud computing solutions. Thousands of enterprises worldwide trust in the reliability and scalability of 2X products. 2X offers a range of solutions to make every company’s shift to cloud computing simple and affordable.