As more companies S roll out bring your own device (BYOD) pilot programs, IT organizations are finding that virtual desktop infrastructure (VDI) is one way to provide secure access to corporate assets on mobile devices.
Probably the most pressing BYOD challenge for businesses is to provide full application availability to remote devices in a way that is both familiar and secure. While VDI and application virtualization platforms weren’t necessarily designed specifically for mobile devices, they are built to enable user access to enterprise data in a consistent, secure manner on most computing platforms and operating systems. They also enable application portability, data backup and policy compliance for any device tapping in.
How VDI works
VMware and Array stress application security and support devices that range from Windows desktops to Android smartphones, BlackBerrys and iPads.
VMware offers two methods of managing virtual desktops. The first is distributed VDI, which consists of remotely managed virtual desktops running on server hardware at remote sites. The second is centralized VDI, which enables remote sites to access virtual desktops residing on server hardware in the data center.
Citrix’s Receiver application allows IT departments to put Windows systems in a central server running on virtual systems and is part of the company’s service delivery infrastructure platform. Users can install Receiver by downloading the software directly from an app store, and this year the company will offer integration with CloudGateway, a unified service broker that aggregates, controls and delivers Windows, Web, SaaS and mobile apps to end-user devices.
Most of Citrix’s customers use a mix of devices, as opposed to an “everybody-gets-a-desktop” policy, said Kevin Strohmeyer, Citrix director of product marketing for enterprise desktops and applications. In the BYOD era, where young people are used to having their own connected devices, the versatility of Receiver is an important selling point.
“We talk to a lot of customers who really believe in freedom of choice as a way to attract the best employees, and they realize if their IT department has a locked-down mentality, that’s going to turn off a broad set of younger folks,” he said. “It’s not just about replacing devices—you’re enabling a new set of services that drive new business benefits. You can open up offices faster; you can hire people from where they are rather than moving them. These are bottom-line advantages that customers seem to understand at this point.”
But ultimately, VDI must involve an endpoint-independent architecture that delivers apps and data to many devices in a number of different ways, said Dan Blum, Gartner’s vice president and distinguished analyst.
“Whether you’re deploying VDI to a mobile device, to a thin client or to a PC, the same architectures apply—we’re talking about either a server hosted virtual machine or a local (client-side) machine,” Blum said. “The idea is that virtualization creates this separate container that can be shared at will, and organizations can control the data on the server.”
Securing BYOD with VDI in retail, healthcare and banking
When Rent-a-Center needed to give hundreds of North American district managers a way to provide secure, remote access to corporate email, intranet and applications, senior director of security KC Condit turned to Citrix Receiver as the solution. Using Receiver meant Condit could allow access to employees and even guest consultants without ever taking sensitive data out of the data center.
“With Citrix, you can access and interact with the data, but the data stays where it’s supposed to stay. As a security professional, not only do I not want to control the user, I’m not foolish enough to try.”
In the high-pressure healthcare industry, seamless accessibility and guaranteed security are critical components to VDI. The Children’s Hospital of Central California, where the IT department is piloting a BYOD program, is also the first hospital in the country to roll out VMware’s VDI platform on an iPad, said CIO Kirk Larson. So far the hospital has about 450 desktops that use View 5, which lets staff remotely access critical information, including advanced clinical applications like computerized physician order entry and nursing documentation.
“With staff constantly on the move from room to room, being able to consistently and securely access patient information was very beneficial. We haven’t rolled out the virtual desktop environment everywhere yet, such as the clinics, but I’ve had people come and ask me if they can get VDI installed on their machines, too,” Larson said. “We’d like to get it rolled out to as much of the hospital as possible. We see this as a key part of our go-forward strategy.”
Less well-known than Receiver or View 5 is Array Networks’ DesktopDirect, an appliance-based remote desktop solution capable of extending physical and virtual office desktops to a user on a host of mobile devices, thin clients and operating systems. The platform uses remote desktop protocol (RDP) to provide access to desktop PCs, both virtual and physical, via the company’s SPX appliances.
Needham Bank, a customer owned community bank with five locations and 130 employees across Massachusetts, deployed DesktopDirect to meet the security concerns required by the financial sector, such as central auditing, while still allowing employees to use their own devices. The company’s vice president of IT, James Gordon said the platform gives workers a flexible and user-friendly way to securely access the corporate site without giving IT headaches over anti-virus strategies or security concerns. Gordon currently has about 40 DesktopDirect registered users who employ devices ranging from iPads to Windows PCs at home.
Unlike some companies that mainly use VDI infrastructure to boost productivity for road warriors or remote locations, Gordon said DesktopDirect allows Needham employees to increase efficiency right in the office. “People now can be in the middle of a meeting solving a problem from the iPad,” he said.
About the author:
Nathan Eddy is a technology writer based in Berlin and a graduate of Northwestern University's Medill School of Journalism. He previously worked as an editor at FierceMarkets in Washington, DC and currently writes about small business technology issues for eWeek.
- New Virtual Networking Technologies Make Convergence Real –SearchSecurity.com
- Understanding the pros and cons of network virtualization –SearchSecurity.com
- Network virtualization FAQ –SearchSecurity.com
- Network Virtualization for Dummies 2nd Edition –VMware