7 Common VDI Myths Dispelled
Jaymes Davis
Sep 15, 2021
·
9 min read time
·
There are certain pre-conceived notions circulating around virtual desktop infrastructure (VDI). Some of them are grounded in reality, while others are purely misconceptions derived from a limited knowledge or understanding around the value and purpose of VDI. The following are some of the most common myths we encounter in talking to our partners and customers. Read further as we dispel and share insights on how to best overcome these myths.
Myth #1: VDI is Never Over-Provisioned
A common myth that continues to prevail across the industry is that virtual desktop infrastructures are never over-provisioned. This couldn’t be further from the truth because it is EXACTLY what happens for many organizations.
It’s a problem that boils down to human behavior. For example, you purchase a membership to a movie club at your local theatre that will pay for two movies a month and popcorn for you and a guest. At first, you are confident that you will use this membership all the time, but eventually you get too busy or grow bored of the movie selections. At this point you are no longer deriving any value from the membership, and instead are losing money. This is a classic situation of being over-provisioned and under-utilized.
When it comes to purchasing virtual desktop infrastructure solutions, many IT organizations take the same approach. Because VDI is on-demand, they will purchase more licenses than they need with the idea that they’ll eventually get used. However, the organization often ends up over-provisioned with VDI licenses that are being under-utilized. Essentially, they are losing money on OpEx.
IT organizations should right-size their VDI provisioning from the outset, scaling up or down as needed, deploying virtual desktops within a matter of minutes — not days or months — with the right desktop delivery solution for meeting their unique needs and requirements.
Myth #2: Virtual Desktop Infrastructure is Safer than a Laptop
This is a situation where latent pain shows itself in two forms — it is either too costly or too complex to deploy laptops to third-party contractors and IT organizations will deploy one of the more common VDI platforms, thinking it is safer than a laptop. Yet, similar to the notion that simply locking your front door will keep your home safe, if a bad actor can more easily access your home via an open window or another door, locking the front door will not prevent a theft.
When it comes to VDI, what many IT pros don’t consider is that once installed, there are numerous points of presence (PoPs) that make it possible for threats to move laterally across the VDI infrastructure — from Active Directory, to multiple Citrix servers, to SQL databases, to the internet where end-users must connect to access their VDI desktops — there is clearly more risk involved when there are so many entry points for bad actors.
Organizations should look for desktop delivery solutions that offer the right level of controls and capabilities they need to onboard, scale, secure, and audit their hybrid workforces. One option is Tehama’s next-generation enterprise Desktop as a Service (DaaS), which uses an encrypted Tehama Gateway to create secure virtual rooms and desktops on the cloud that connect remote workers to corporate and cloud systems, With Tehama, data is only delivered to the endpoint through pixels and audio, meaning that important data and other IP can’t be downloaded to the local device.
Myth #3: If You Have Deployed Non-Persistent VDI, You Aren’t as Susceptible to Malware Attacks
The notion that launching a virtual desktop in a non-persistent VDI environment will protect your organization from malware, ransomware and other attacks is just plain false. The fact is, because the machine the end user is working from in a non-persistent VDI environment is not completely locked down, it has the capability to make lateral moves across the network, connecting with other desktops, servers and peripherals, and creating many points of entry for threats.
The recently-announced Executive Order on Improving the Nation’s Cybersecurity from U.S. President Joe Biden means many companies will soon have to step up their IT security and compliance game. It is possible for organizations today to gain access to high-performance development capabilities within a secure desktop infrastructure environment. . Some of the key features organizations will want to look for include:
- Zero-Trust access controls such as multi-factor authentication and least privilege permissions
- Nested virtualization to automate and rapidly provision development environments
- Built in encryption and dynamic firewall tools
- Centralized policy controls and management
- Virtual Windows and Linux desktops (including GPU desktops) to meet any workload need
Myth #4: Mind the Gap of Reality When it Comes to Home Computers
Humans, by nature, are not always careful in practicing good cybersecurity hygiene. As such, when it comes to cybersecurity, we ARE the weakest link.
A prime example takes place when upgrading a mobile phone. In the spirit of providing good customer service, the provider may ask if they can transfer the settings and data on your current phone to your new phone and then wipe the older device before reselling or recycling it. That all sounds well and good until you consider what they can do with your device while it is in their possession. Not only can the employee download all of your contacts, they can steal personally identifiable information (PII), credit card numbers, health data and more from your device. If it ends up in the wrong hands, you could be the victim of identity theft, or worse.
The home computer presents the same sort of risk. When the pandemic sent workers around the globe scattering to their home offices, many faced situations where they had to work on shared machines. Access to important files and documents were open and available to whoever was using the machine, which created a security risk. In some cases, information was being transferred over unprotected internet connections, without the benefit of a VPN. This created compliance issues, and should one of the users click on a bad link, or share a private file unknowingly, the security of that computer would be immediately compromised.
Regardless of whether it is a private or shared computer, the delivery of zero-trust remote access to the corporate desktop can eliminate security and compliance concerns. The ability to virtually mimic the physical security posture of your organization’s brick-and-mortar office — including secure perimeters (similar to the solid walls of a physical office), session recordings and activity streams (similar to CCTV cameras that populate most modern office buildings), and credentials management (just like key fob or badge systems at your office door – only better), are key capabilities organizations should look for.
Myth #5: Virtual Desktops can Take Weeks to Months to Implement
Many companies in the VDI space will take anywhere from four to six weeks and sometimes up to 90 days to complete a VDI implementation. As such, there is a common myth, spread in the form of fear, uncertainty and doubt (FUD) that no one can do it faster. The fact is, Tehama can do it in an hour.
While this may be hard to believe, and because it happens so fast, there is a perception that the job might not be done correctly, or that features and capabilities are missing. What many organizations may not be aware of is that Tehama’s next-generation enterprise DaaS can be 100% deployed in 60 minutes using three steps. First, they can quickly create a secure work environment known as a Tehama Workroom; next, they set controls and customize access to network resources to ensure your workforce and workers are meeting compliance and regulatory requirements; then, once those two steps are complete, workers can start working. It’s that simple. No shelfware is needed and everything is included.
Myth #6: IT Teams Give Up Control with Outsourced DaaS
IT organizations are often worried that they will lose control with VDI or DaaS, and won’t be able to customize their end user computing environments to meet their unique needs.
IT teams should be looking for solutions that offer a wide variety of controls that can be delineated all the way down to the department level. From the cybersecurity team, to the HR director to even the business owner. These capabilities make it easier for key stakeholders to create federated connections with suppliers and third-party contractors. There are also more audit controls to ensure compliance with regulatory requirements.
Myth #7: Virtual Desktops Won’t Meet My Performance Needs
While it is a myth, there is a kernel of truth in this one as ultimately, the performance of the VDI solution is dependent upon the endpoint on which it is running. Processing power, memory, storage and other features play a key role in the performance of the virtual desktop. Often, consumer-grade machines, to which many remote workers have been relegated to for the last 18 months or so, don’t have the performance capabilities to fully support today’s cloud workspaces.
Tehama’s next-generation enterprise DaaS builds instances with horsepower to support modern application sets and meet modern desktop requirements. For example, gaming applications need larger amounts of disk space, making GPUs a necessity in today’s world. This is one reason why Tehama chose to partner with Teradici for better graphic capabilities and larger CPUs.
Ultimately, the business case for VDI is about achieving business agility and cost-effectively mitigating risk and ensuring compliance. Faster on-boarding times with Tehama’s platform — in days instead of weeks or even months — will improve time to market and promote better collaboration while increasing productivity. Adopting the extended enterprise framework can also stop reactionary cybersecurity strategies and help your organization learn to work within both secure and complaint architectures.
Selecting the right solution for quickly and efficiently enabling a secure and sustainable remote workforce is one of the most important decisions you can make for your organization. Discover how Tehama is changing perceptions around VDI, and addressing the aforementioned pain points through our next-generation Enterprise DaaS — the fastest, easiest, most secure way to deploy a global workforce. Book a demo today with one of our platform experts!