Written byTom Hickling, Senior Program Manager, Azure Virtual Desktop
It’s no longer a matter of organizations deciding whether to embrace remote and hybrid work but finding the best way to do so. A recent study showed most employees are happier having the option to work from home, and 80 percent say they’re as productive or more productive when they do. One of the most popular options for organizations who want to offer remote work options is virtual desktop infrastructure or VDI.
What is VDI?
Virtual desktop infrastructure (VDI)is an IT infrastructure that virtualizes desktops—to give employees access to enterprise data and applications from anywhere and from most personal and professional devices. Organizations host applications and data on servers, and through VDI, enable their employees to work remotely via remote desktops. VDI is popular for enabling remote work because, with the right configuration, it’s highly secure and relatively inexpensive compared to on-premises options.
What are some of the security benefits of cloud-based VDI migration?
Migrating to a cloud-based VDI solution allows organizations to take advantage of built-in security features that mitigate and eliminate the risks associated with traditional desktop virtualization.Azure Virtual Desktopin combination with the Azure public cloud, for example, offers comprehensive security features, like Azure Sentinel and Microsoft Defender for Endpoint, that are built-in before deployment. This helps enable an organization to follow critical VDI security best practices from the start of their virtualization journey.
What are some VDI security best practices?
Conditional accessapplies access controls based on signals like group membership, type of device, and IP address to enforce policies.
Multifactor authenticationrequires that users consistently verify their identities to access sensitive data.
Audit logsare used to gain insight into user and admin activities.
Endpoint securitylike Microsoft Defender for Endpoints offers built-in protection against malware and other advanced threats for all your endpoints.
Application restrictionmitigates security threats by limiting what applications certain users are allowed to access using software like Windows Defender Application Control.