February 14, 2012

Virtual Desktops: A Killer App for Mobile Security?

The security aspects of the mobility explosion keep IT professionals tossing and turning at night. How can they reliably protect data on small mobile devices that can easily be lost, stolen or compromised?

To be sure, tools to help tame the security issue are crawling out of the woodwork. Some are from PC security vendors that have expanded their software products to mobile handsets and tablet computers. Others are from startups that have committed themselves specifically to the security and management of roving smart phones and tablet computers. Still others are from Wi-Fi infrastructure vendors, as well as business application developers who want to extend their software in a big way to mobile work environments.

Hanging out there somewhat by its lonesome is the virtual desktop infrastructure (VDI) alternative. In effect, VDI dumbs down intelligent mobile devices with a thin client. Though it sounds counterproductive, being dumb renders the devices secure and, in most cases, doesn't negatively impact worker productivity.

Manipulation from Afar

In this model, users manipulate data across the network from their mobile screens using a virtual image of their own laptop or desktop. The real image is stored centrally, either on a corporate server or on a user's own physical PC connected directly to the corporate LAN.

Ideally, the mobile VDI experience "feels local;" however, data can't be stored on the mobile device or printed, which is where the security benefits come in. The device becomes, in effect, merely an intelligent display.

The approach prevents corporate data from finding its way onto user devices and, from there, onto social networks, into printer trays, onto hackers' computers and other places where there's a risk of unauthorized eyes seeing it.

A common use for VDI technology, for example, has been for R&D groups working remotely from the data center. IT can maintain centralized control over the intellectual property in development while remote engineers work on it using a virtual image of the data on a laptop, desktop or tablet. This is particularly attractive when developers are contractors who aren't direct employees of the company.

Not Nirvana Yet

VDI has become available for tablet and smart phone platforms from companies such as Citrix, VMware, Array Networks, Kaviza and others. Still, it's not  the nirvana answer to mobile security for all organizations, at least not yet.  

One reason is that the virtualization vendors that do offer a mobile version of their VDI client software, which they initially built for laptops and desktops, don't necessarily offer it for all the mobile OSs you might need to accommodate. These inconsistencies make using VDI as the overarching mobile security tool in highly heterogeneous, multi-OS environments impossible.  

And not being able to have a local version of a document or other resource might not cut it for some users. What might be useful in these circumstances is non-black-and-white policy enforcement.

For example, today's emerging mobility management systems could support policies that allow local usage and printing, but under certain circumstances, automatically activate the user's thin client. The user might have "real" access when on the corporate Wi-Fi network, for instance, but default to VDI access when out of the office on a public mobile network.

Though there's some refining still ahead, VDI remains an important tool in mastering the vulnerabilities of mobile devices - particularly for personal devices used for enterprise access in the proverbial "bring your own device" (BYOD) manner. By turning mobile devices into thin clients, VDI creates a definitive boundary between personal and enterprise apps and data.

With such a boundary, workers can access their favorite app stores, social networks and games while IT can tightly regulate access to internal applications.  Lost and stolen devices don't affect corporate security, because the data remains within the data center.


Search Webtorials

Get E-News and Notices via Email


  

 



  

I accept Webtorials' Terms and Conditions.

Trending Discussions

See more discussions...

Featured Sponsor Microsites






















Archives

Notices

Please note: By downloading this information, you acknowledge that the sponsor(s) of this information may contact you, providing that they give you the option of opting out of further communications from them concerning this information.  Also, by your downloading this information, you agree that the information is for your personal use only and that this information may not be retransmitted to others or reposted on another web site.  Continuing past this point indicates your acceptance of our terms of use as specified at Terms of Use.

Webtorial® is a registered servicemark of Distributed Networking Associates. The Webtorial logo is a servicemark of Distributed Networking Associates. Copyright 1999-2018, Distributed Networking Associates, Inc.