Video Screencast Help
Endpoint Virtualization Community Blog

Some thoughts on BriForum and is VDI more secure?

Created: 27 Jul 2012 • 4 comments
AndyN's picture
0 0 Votes
Login to vote

I attended my first BriForum this week and it was quite interesting. If you are not familiar with this conference, it is a vendor neutral event focused on application virtualization, desktop virtualization, VDI, etc. It was held in Chicago at the McCormick convention center and I'm guessing had around 500 attendees and at least 30 vendors showcasing their wares. 

There were 3 days of sessions presented by experts from various companies. Most of the sessions were focused on best practices rather than a specific vendor. There were also sponsored sessions where vendors could pitch their products. Overall, I think it was a very good event.

The most popular topics were VDI (good, bad, and the ugly) and BYOD. The opinions expressed in these areas vary greatly and I enjoyed hearing different perspectives. Some say that VDI is just a dream with big promises that do not justify the cost. Others claim that VDI has huge benefits and is the future.

One of the more interesting sessions I attended was essentially a debate about whether or not VDI is more secure than physical desktops. The presenters believe that VDI is actually less secure as compared to traditional desktops and made a pretty persuasive case. However, many people still tout increased data security as one of the selling points of VDI.

So what do you think? Does VDI provide increased security in comparison to traditional desktop management? 

 

Comments 4 CommentsJump to latest comment

Swarna's picture

One of the first thing to remember is that VDI should never be the solution for the security issues. If an Enterprise goes the VDI route because they think this solves all of their security issues, boy, are they in for a real surprise! Virtual Desktops are equally, if not more, at risk as the traditional desktops. Unless enteprises understand why they need a VDI solution, the challenges that this VDI solution is supposed to solve, the VDI project will not be successful.

-2
Login to vote
AndyN's picture

Gunna Berger (Gartner) discusses this topic on his blog. Interesting questions and debate around whether or not VDI is more secure than physical desktops.

http://blogs.gartner.com/gunnar-berger/are-shvd-vdi-desktops-more-secure-than-physical-in-a-word-yes/

What do you think?

+2
Login to vote
EverythingVirt's picture

Thanks for the summary of BriForum Andy. I tried to get my management to let me go this year but they think it's too small... great rationale when I'm supposed to be designing bleeding edge solutions!

I posted a reply in Brian's forum a while back about this http://virtualsteele.blogspot.com/2011/10/response-to-sam-johnstons-comments-on.html

Security - Yep, I agree with this whole heartedly. There is nothing more inherently secure about VDI vs. a normal desktop. The reality is if your users have admin rights today, VDI may be the excuse you need to lock those desktops down. Plus the features typically implemented with VDI are the tools you need to make locked down desktops work (profile and application management).

With SWS we have went from a majority of users having admin rights to zero in our latest implementation. Even I don't have admin rights on my desktop and have been working like that for 2 years!

You can't argue with the data security piece... Hard for a user to lose a laptop full of SPI if he just connects to all that data remotely through a thin device or tablet.

If you're doing stateless VDI at least cleanup is as easy as a reboot.

Sometimes I think these guys get too wrapped up in the hypothetical and haven't actually been in a large enterprise in a long time.

While it's not the answer to all your security woes, it sure does facilitate putting some long needed issues to rest!

 

+1
Login to vote
Swarna's picture

I agree with both Shawn and Gunnar. 

The underlying conclusion, if you read both of their posts, is that VDI just moves security from endpoints to datacenters. Virtual desktops are no more secure than physical desktops. While there is no escaping the threats/vulnerabilities, virtual desktops are slightly easier to secure than physical desktops - primarliy because IT has a higher control on virtual desktops *than* physical. 

+1
Login to vote