Virtual Desktop Infrastructure: The way forward in government mobility
|Edris Amiryar in Mobile Tech Monday, November 28, 2016|
Advances in technology are rapid and can be hard to keep up with, especially for large organizations. The federal government relies heavily on IT to accomplish its tasks and there is increasing demand for access to information from any location, in any geography, meaning that for federal agencies, improved mobility and mobile data security are imperative for modern needs. IT users have the technology and the desire to go mobile, but the network doesn’t always support this agility.
The mobility challenge
While the desire may be great, there are several mobility challenges that federal agencies must overcome; first and foremost is security.
When your data leaves your network, you are inherently increasing risk. To mitigate these risks, you must ensure the means of mobile connectivity is secure, that the data integrity is solid, and in the event of certain risks such as a lost asset, those risks can be quickly mitigated.
Bring your own device (BYOD) mobility brings increased complexity, as networks must isolate personal data from corporate data. Additionally, for each device added to the network, there is the potential for a unique security configuration that must be integrated. There are liability issues as well, including the potential for cross-infection from personal to corporate assets.
But imagine the potential if you could work on a document at your desk, leave your computer, and go down the hall or across the country and pick up right where you left off on a completely different computer.
That’s what a Virtual Desktop Infrastructure (VDI) brings to users.
VDI is the practice of hosting a desktop operating system within a virtual machine (VM) running in a data center, private or cloud-based data center. VDI enables users to access their desktop applications, programs, documents, images, and other files and data remotely.
VDI offers increased mobility and the ability to access documents or information safely and securely from any device in any location. This allows a user to work anytime, anywhere on almost any application, without the risk of compromise or lost data, since the actual application and data reside in the cloud as oppose to the physical device.
Users can log in from any zero client, or thick client with zero client software installed, meaning if your customer travels to a satellite office, she no longer needs to worry if she will have access to her necessary resources and services as the same desktop and settings are guaranteed everywhere. She can log in from any device with internet connectivity, while still isolating her personal data from the corporate network.
VDI allows for the tracking of usage metrics that are extremely valuable for trending, growth planning, security auditing and monitoring. If your organization is growing, simply add more compute server nodes and add them to your VDI farm and the system will create more VDI guest images automatically or on demand based on configuration. No longer will the organization need to procure the latest model of a thick client, create another image for the new hardware, or add another hardware image to maintain.
Efficiency and Affordability
The physical asset management and inventory tracking requirements associated with standard operations are intense. A traditional desktop refresh is a major ordeal: you must retire your outgoing desktops; remove them from your configuration management data base (CMDB); properly dispose of equipment; then in-process, barcode, and add all your new clients to the CMDB. Depending on the size of the organization, a refresh can be very costly and time consuming, requiring the replacements of hundreds or thousands of devices.
Rather than having to purchase a workstation for each user, VDI allows users to use a simple zero client, eliminating the cost of a thick client as well as reducing the risk associated with carrying laptops from home to the office. With everything hosted in the data center, organizations won’t need a big collection of standard PCs in the office. Additionally, thick clients can usually be repurposed as thin clients with a boot CD, leading to hardware savings.
The cost savings do not end with physical hardware. Version upgrades, patches and new programs can be done in a cost-effective way that impacts the entire enterprise simultaneously – without the need to upgrade each endpoint.
From a security perspective, you can configure VDI to reset a machine back to baseline at the end of every session, meaning the machine is deleted and recreated from the master image, without deleting the customer’s personal settings. This ensures threats like zero-day vulnerabilities are significantly reduced.
VDI essentially sends screen scrapes and user input across the wire, so you aren’t allowing their personal system to directly tie into your network as you would with solutions such as VPN. Users are essentially in a sandbox when connecting, so even if their home machine is badly infected with malware, it doesn’t have the opportunity to touch the corporate network when they connect via VDI.
Who’s riding the VDI wave?
The DoD has deployed a multi-tenant VDI system, including zero clients, throughout spaces at the Pentagon, Mark Center, Hampton Roads, and other DoD facilities and sites. With so many users and members of different organizations travelling between the multiple locations, the introduction of VDI has greatly improved productivity, efficiency, and communications, while reducing customer frustration and costs. VDI has allowed a more practical way of getting the job done. The DoD also just launched a remote VDI service for a handful of tenants which allows anyone with an internet connection to connect or reconnect to their VDI session remotely – even from home.
For example, during 2016’s Winter Storm Jonas in the DC area, Ft. Meade had over 50% of their workforce connect via remote VDI. Despite the government being closed for a week, there was no slowdown in productivity at their site, and users expressed praise for the simplicity and reliability of the system.
VDI will not replace every endpoint in your organization, since some users require unique hardware peripherals, high end power workstations, or high end graphics configurations with multiple displays. As with any infrastructure investment, it is important to perform up front research and discovery of your organization’s requirements, and ensure your standard software is compatible with virtual operating systems. If implemented and maintained properly, the benefits gained from a VDI infrastructure far outweigh the costs.
VDI is a sound option for organizations to consider to improve configuration control, provide a consistent and reliable local and remote user experience, increase security posture, reduce labor and energy costs, and simplify end client management.
Read more: http://netcentrics.com/
This content is made possible by a guest author, or sponsor; it is not written by and does not necessarily reflect the views of App Developer Magazine's editorial staff.