Tag: VDI

The Remote Work Survival Kit Under the Threat of the Coronavirus

There is no denying the impact COVID-19 has had on us over the past couple of months. The coronavirus has managed to work its way into every conversation, news headline, and social media post.

The coronavirus is a pandemic according to the World Health Organization. The threat of the virus spreading
has changed the way we live. We have to prepare ourselves for the upcoming months. Canceling large events and gatherings is one way to mitigate the spread of the virus. Sports, schools, churches and many businesses have closed. Or they avoid interaction with the public. Social distancing is the new mandate. Government officials have urged us to not congregate in large crowds. Stay at home if possible. Many companies are sending emails to employees asking them to work from home if possible. Companies that aren’t set up to work remotely are scrambling to make it happen. What was once an option has become a necessity.

This article will provide some options on how to deliver a great work from home experience. None of these technologies are new. If used in combination they will ensure a better work-from-home experience.

Let’s start with the one that can take on many forms and methodologies: BYOD. Bring your Own Device. Gartner defines BYOD as allowing someone to use a personally-owned device to access a company’s resources. This could be the company’s email. It could be actually installing a VPN client on their home computer. Each company has a different take on the level of access granted to non-company assets.

 

The “Bring Your Own Device” concept has been around since 2004. It is not a new trend. What is new is the popularity of using personal mobile devices on the job. The security risks of allowing access to corporate resources has discouraged some companies from adopting a BYOD policy.
Bring Your Own Device

In this post by Remote.CO you can get a sense of the varying level BYOD plays at different organizations. BYOD had its start in the mobile device world. Companies were tired of purchasing cell phones for employees. Employees were tired of carrying around 2 phones. Employees carried their personal phone and the locked-down, outdated one provided by the company. Since then, companies have other ways of getting business data secured on personal devices.

Mobile Device Managers

Microsoft Intune and VMware Airwatch are MDM programs that help protect corporate data on personal devices. Employees have access to an Enterprise app store where they can consume their internal data while using their device of choice. The employee first opts in to install the MDM agent on their device. The list of devices with current modern Operating Systems is no longer limited to only smartphones. Once the agent is installed, the company can push down a profile that allows the device to be managed. Both Intune and Airwatch have a robust set of policies available for Windows, macOS, iOS, and Android. What degree of enforcement the company has on the phone will vary on the company and device type. Once the agent is deployed, and the configuration of Security baseline is set, the device can be actively monitored and secured. This could mean enforcing Bitlocker encryption for Windows 10 devices or managing Filevault on macOS with Intune.

Virtual Desktop Infrastructure

VDI technology has taken many forms over the years. In its purest form, VDI is accessing a virtual machine over the network from a client or web-browser. This enables companies to have virtual machines always available on the internal network. These virtual controlled Existing management systems control these machines. Security tools protect the company provided applications and data. Having a proper VDI solution for employees to use can be a major advantage. Especially if they need to travel or work from various locations and/or devices. If a company already has VDI in place today, the process of deploying new virtual desktops is easy. It only takes seconds to accommodate new users.

VDI began as a technology installed on-premise or in a company’s private data centers. Later VDI transitioned to the cloud. The major VDI players Citrix, VMware and Microsoft all have major cloud offerings. This is called DaaS or Desktops as a service. Citrix and Microsoft host their DaaS offerings within Azure. VMware can host desktops in AWS, Azure, and the IBM Cloud. Google Cloud is coming soon.

The ability to leverage cloud-based virtual desktops has great advantages. Especially in certain situations like Disaster Recovery. Traditional VDI takes longer to procure and deploy new hardware. DaaS has some extra benefits like less IT overhead. This is because the cloud provider manages more components.

 

Multi-factor authentication (MFA) is a means of which a computer user is granted access only after successfully presenting 2 or more pieces of evidence (factors) to an authentication mechanism. These are usually having to do with knowledge (something only the user knows); possession (only the user has it); and inherence (like fingerprint voice scan, or retina scan).

Let’s discuss the use of a multi-factor authentication solution. Two-factor authentication (2FA) is a subset of multi-factor authentication (MFA). It ensures you can pass multiple criteria for identity. This includes something you know (password or security PIN). It also includes an object like a security token or fob. Finally, something physical that is specific to you (fingerprint, retina scan, facial recognition). A 2FA solution would offer only 2 of these mechanisms to prove your identity.

We’ve all had to input our email or phone number when signing up for an account online. Using a mobile banking app is a good example. An authentication mechanism can be a one-time-password sent to you via text message. It could be using your phone’s builtin face or fingerprint reader. These are ways to prove your identity.

The FBI warns MFA solutions are not completely foolproof. Still, it’s the best way to thwart cyber-thieves from stealing your data. Having a second form of authentication proof is safer than only having a long password. Most modern smartphones and laptops have a built-in fingerprint or smart card reader. There are several key players in the MFA space. The top leaders include Okta, Microsoft Azure MFA, and Duo (recently acquired by Cisco). Duo uses a simple cloud-based 2FA approach. Their system integrates with various types of applications. When a user attempts to gain access, a VDI or VPN provider sends a push notification to your smartphone. The user acknowledges the push notification on their smartphone. There’s no need to enter a second password or copy a 16-digit PIN for verification.

The order from management is to stay at home. Do not come to the office for the next 2 weeks. Work remotely until government and health organizations deem the coronavirus has been contained. Don’t worry about a report or project plan saved on your office desktop. Embrace VDI technology.

Do Your Work, Anywhere, and on Any Device

 

If you’re new to working from home, make sure your technology is in order. One important aspect of working remotely is communication. Make sure you have the bandwidth needed to support your tasks throughout the day.

The order from management is to stay at home. Do not come to the office for the next 2 weeks. Work remotely until government and health organizations deem the coronavirus has been contained. Don’t worry about a report or project plan saved on your office desktop. Embrace VDI technology.

VDI means working from a virtual desktop every day. Your data is always available, accessible from wherever you are and protected. Your data is more secure now than it ever was when kept on-premises. The data is backed up across different geographic regions within the cloud. There is no need to worry about catastrophic power or network outage at your local data center. It’s also always on and provides a consistent experience whenever you need to access it.

Maybe you don’t need a full Windows Virtual Desktop to get your work done. You just need access to a handful of SaaS apps like Salesforce.com. An Okta or other MFA solution can help authenticate you from an outside connection. This allows you to gain entry to those specific internal resources without the need to install a VPN client.

Or, what if all you really need is to access your corporate email and files on your phone while safe at your home? Having your smart device enrolled in your company’s Mobile Device Management solution can provide the access you need while keeping the business data secured.

Deciding how to start a remote work enablement plan for your team can seem like an overwhelming task. Like other challenges, it can is not so daunting when done in small steps. Better yet, it is a good idea to bring in experts who can design a solution that works best for your business.

There is no one-size-fits-all approach. While there are many ways to enable employees to work from home, there is only one that is perfect for your needs.

Many adversities are beyond our control. It is helpful to focus on those things we can control. We can take steps to prepare for the uncertainties ahead. We can do what is best for our employees and our loved ones.

Using the cloud to work remote is less to do with “social distancing,” and more to do with benefiting your company. Being on the cloud will democratize opportunities for you across the board. You’ll see that remote work is not so much a challenge to overcome, but a business advantage to achieve.