The rise of remote and hybrid work arrangements has made it necessary for companies to support a remote workforce. Off-site workers need to be able to access corporate applications and data, and may work from a wide variety of devices under a bring-your-own-device (BYOD) or bring-your-own-PC (BYO-PC) program.
Historically, a common way of addressing the logistical and security challenges of remote work is to use virtual desktop infrastructure (VDI). VDI provides workers with remote access to virtualized desktops that are hosted within the corporate data center or cloud infrastructure. With VDI, companies maintain control over their data — which never leaves the hosted desktops — and provide a consistent work environment that employees can access from a range of devices. It does come with challenges though, including things such as cost, complexity, and latency issues. Today, however, there are new alternatives that can replace VDI.
In this blog, we’ll explore the most common use cases for VDI and introduce a new Secure BYO-PC approach that opens the door for more choices to solving secure remote work.
How Companies Use VDI
VDI provides an organization with the ability to support remote workers while managing potential risks to corporate security and employee productivity.
These are some of the top VDI use cases for modern businesses:
Secure Remote Work
The recent rise in remote and hybrid work arrangements has brought various benefits for companies and their employees. However, these benefits also come with risks. For example, supporting remote work security requires organizations to have remote access control for remote workers to their applications and systems. This can increase the potential risk and impact of account takeover attacks and reduce an organization’s ability to secure and control its sensitive data.
VDI provides a solution to this problem, enabling companies to keep all of their data and applications in-house and providing remote workers with access to hosted desktops. This approach keeps sensitive data and functionality inside the perimeter and centralizes the remote work infrastructure, making it easier for an organization to monitor.
Remote work and BYOD laptop programs often go hand-in-hand. When allowing employees to work from home, companies often permit them to use personally-owned devices to do so, which is more convenient for employees and eliminates the need for employers to buy, manage and ship company-owned laptops.
However, BYOD programs come with certain risks and challenges for an organization. These devices may have inadequate security, potentially exposing sensitive corporate data or granting attackers access to corporate systems. Additionally, supporting a wide range of devices can be difficult for IT staff, increasing calls to the help desk and negatively impacting employee productivity.
VDI helps to solve this problem by providing IT personnel with a simpler, more consistent environment to manage and secure. The virtual desktops accessed by employees can all be largely identical — ensuring that corporate applications work properly on them — and are centrally located, making them easier to secure. Remote workers can then access these virtual desktops via the device of their choice without concerns about whether or not a corporate application will be supported by the device or that an insecure personal device may leak sensitive information.
External Contractors and Partners
In addition to remote employees, an organization may also have contractors or vendors who have remote access to its systems. These third parties may need to use certain data to perform their roles or could remotely manage certain systems or functions for the organization.
However, these remote contractors and partners also pose a significant risk to an organization’s security. If their organizations are compromised, an attacker may abuse their access to the company’s systems. Also, if external partners or contractors can download corporate data to their devices, an organization lacks visibility and control over how this data may be used.
As with remote workers, VDI can help to manage the security risks of these third parties. Providing them with remote access to a managed desktop enables the organization to more effectively manage and monitor their access to company data, applications, and systems. This helps the organization to protect itself against potential supply chain attacks and ensures that external users only have the access that they need to perform their roles.
Lost and Stolen Devices
With remote and hybrid work arrangements, companies have a greater risk of lost and stolen devices. Employees may be working from a public space (coffee shop, library, etc.) or lose a device while traveling.
If an employee’s device is lost or stolen, an attacker may gain access to the contents of the device. This could allow them to steal sensitive company data stored on the device and potentially access the employee’s accounts on the corporate network and various applications.
VDI helps to manage the risks posed by lost and stolen devices because corporate data and applications are not stored on the device, and an employee only has a single point of access to corporate systems. If needed, the company can block the lost device from accessing the virtualized desktop, removing any risk to corporate data and applications.