Virtual Desktop Security
Since the Information Revolution of the 1980s and 1990s there has been an increased demand for data to be conveniently accessible.
Through virtual desktop hosting, an individual user’s interface is kept in a virtualized environment. The virtual desktop is stored on a remote server rather than locally. This means that your data is hosted from another location, other than that where your PC is normally fixed. The user benefit in this is that you can access the same information from anywhere in the world.
Other prominent advantages of virtual desktop hosting include:
- Efficient use of energy and resources
- Cost savings because resources can be shared and allocated on an as-necessary basis.
- Administration is centralized
- Enhanced data integrity due to a centralized data backup
- Less software compatibility problems
- Remote display protocols to give the user a localized look and feel
- The data centre is controlled by a IT department who ensures that users execute software with the latest patches and upgrades applied
- Sensitive data remains in the data centre where security teams can protect against theft or malicious use and can easily audit the infrastructure
How secure are virtual desktops in comparison to a standard desktop?
Let’s take a look at the major network threats that may affect standard and virtual desktops alike.
The top data network security threats of 2013 were:
1. Malware attacks
A malware attack is when malicious software takes over a person’s computer in order to spread a bug onto other people’s devices and profiles. It can also infect a computer and turn it into a botnet, which allows the cyber criminal to control the computer and use it to send malware to others.
Phishing (the hijacking of personal accounts) is another problem that can occur. A phishing bug is often disguised as malware and is designed to steal personal login and password details so that the cyber criminal can assume control of the victim’s social network, email and online bank accounts. This is a huge problem when you consider that around seventy per cent of the world’s internet users choose the same password across every web platform they use. Consequently, phishing is extremely dangerous because the criminal can use one password and username to try to access multiple private accounts for his/ her personal gain.
By using a virtual hosted desktop, each device that accesses your data is updated with the latest antivirus and firewall software. In the same way, IT can ensure that all users update their passwords on a regular basis. A password can be seen as an encryption key for accessing data. A well planned encryption key won’t allow the same password to be used twice and consists of a wide range of characters.
2. BYOD (Bring Your Own Device)
Due to the recent advancements in mobile internet browsing, access and speed, people are increasingly accessing the web from their mobile phones, tables and laptops. Businesses that do not have effective management in place over their Wi-Fi networks and VPNs with digital certificates and encryption keys will be open to the threat of data breaches.
This problem can be managed more easily from virtual desktops since sensitive data remains in the data centre. Any security breaches can be detected at the hosting centre.
3. Weak encryption algorithms
According to the statistical data gathered by Venafi, nearly all Global 2000 organizations have implemented weak, easily hacked, MD5-signed certificates in their environments. MD5 is the broken certificate-signing algorithm used by Microsoft that allowed hackers to bypass Microsoft security and infect thousands of computers with Flame malware. Once deployed, Flame was able to gather sensitive information from the targeted devices.
Through centralised administration, which is how virtual desktops are run, network audits can be performed more easily, thus ensuring better security.
4. Cloud data breach
Organisations supplying cloud services, such as Amazon.com, have been in the spotlight due to the fact that they handle the personal details of a vast amount of people. In the UK, the Information Commissioners Office (ICO) has developed a plan for protecting cloud data while complying with UK and European data protection directives. The ICO will issue fines to organizations of £500,000 per breach of the protection plan in order to govern data safety.
According to the ICO, “robust key management” is required to meet compliance. With these changes, it is clear that in 2014 regulators globally will take action against organizations that fail to protect data in the cloud.
5. Security budgets
As with any business function, IT security is threatened by budget limitations. Luckily, due to an increased awareness of the implications of poor data security, companies are allocating more capital to cyber security.
It is argued that virtual desktop hosting is more cost effective in the long run, whereas standard desktops may be more expensive.
6. Responsibility and trust
Hiring the right work force to manage your IT and network security is crucial. Your IT department must be accountable and trustworthy in managing highly sensitive data. Some organisations may look to outsource this business function to virtual desktop host providers due to budgets or lack of expertise.
Resource Box: Nasstar is a leading and trusted hosted desktop service provider in the UK and Europe. For more information about virtual desktop hosting services, visit http://www.nasstar.com/virtual_desktop.