Virtualization is a well-proven technology used for decades by corporations to deploy servers internally using Virtual Machines (VM) and transparently provide services like corporate email, database, and other applications/services to their employees. The function is the same as if it were running on hardware-based servers, but with advantages like quicker provisioning and deployment, lower hardware costs, better resources distribution, portability, and migration, to name a few.
Originally limited to servers, it has extended to desktop and more recently mobile, with the goal to offer end-users a secure, digital workspace they can use from anywhere, with a seamless, unified experience, no matter the device or ownership.
Now that most companies are moving to the cloud, either partially or completely, virtualization has become yet another cloud-based service or Software-as-a-Service (SaaS), making it even easier for corporations to deploy. Let’s explore all the options available.
What is Virtual Desktop Infrastructure (VDI)?
Virtualization solution that uses Virtual Machines (VMs) to provide and manage virtual desktops for end-users. Desktop environments are usually based on either Windows or Linux Operating systems (OS) and can be tailored to harden their security, customized to integrate corporate “look and feel” (e.g., wallpapers, themes), and provisioned with specific apps, public or private, that users need to perform their daily work tasks. These customizations are usually referred to as images, and a corporation can build as many as they want based the unique use cases they have, all with different needs (e.g., home office users, travelers, external collaborators, etc).
Virtual Machines (VMs) are hosted on a centralized server, located either locally, on-premises, or externally on the cloud, in which case we would refer to it as Desktop-as-a-Service (DaaS), and VMs are deployed to end-users on demand, almost instantly.
Users access their virtual desktop from their current desktop computer or mobile device using either a web browser or a specific client app. They would be required to authenticate using their corporate credentials, and then they would securely land onto their digital workspace, from there they can work using their usual business apps and accessing their work documents, with a similar experience to sitting in the office and using a standard physical computer. Overall performance is usually even better, especially when using high resource consuming apps, as these do not rely on limited desktop/laptop computer hardware, but much more powerful server back-end hardware capacity; shared, attached hardware can even be dynamically assigned to VMs, for example when high demanding tasks are being performed, to optimize their global usage.
User applications and data remain persistent, meaning that users can easily switch to another device (e.g., switch from using a tablet to a computer) without losing their work. Additionally, no corporate data is transmitted over the Internet at any point, only displaying data stream securely encrypted using a proprietary protocol specific to each vendor.
Finally, in case of an issue or problem, user data or even the whole machine can easily be restored to a previous state thanks to the backups (called snapshots) taken on a regular basis.
What is Virtual Mobile Infrastructure (VMI)?
Similar to VDI, VMI allows organizations to host mobile apps and provide personalized, secure access to them from any device, anywhere.
Employees simply need to install a client app on their mobile device, open it, authenticate using their corporate credentials and from there securely access their virtual workspace where they will find all their favorite work apps and documents. The experience is somewhat like using an Android Enterprise or Samsung Knox device with the Corporate-Owned, Personal Enabled (COPE) option – with two different spaces, private (unmanaged) and work (secured, managed) – with the difference that the device does not even need to be managed, making it an ideal choice for Bring-Your-Own-Device (BYOD) deployments where employees use their own, personal device to conduct business tasks.
The client app works as a secure container, ensuring no information can neither leave nor enter it using Data Leak Protection (DLP) policy rules. Plus, the same as with VDI, no corporate data is ever delivered to the mobile device itself, but only graphics are sent to the device in an encrypted pixel stream, using specific proprietary protocols.
Android is used as the OS of choice to build mobile VM, which is the reason why it is sometimes referred to as Android-based VDI. For organizations using their own internal mobile apps, this greatly simplifies their development effort as they only need to be developed once, for Android, and they will later be able to make them accessible from any mobile device without any extra coding required.
This is ideal for BYOD deployments, where little to no device management is performed, allowing employees to access their work data and apps securely and transparently, with 100% separation of personal and enterprise data, while also preserving user privacy as the enterprise will have no access or visibility to the private data stored on such devices.
For more information, you can check our recent article on the Hypori Virtual Mobility™ solution.
One of the first advantages of virtualization is the ability to provide a high-end experience to all employees while saving on hardware costs by providing them with cheaper, lightweight corporate-owned workstations, or allowing them to bring their personal-owned device for BYOD programs.
More importantly, the security is not compromised but improved, with all corporate apps and data always remaining behind well-guarded walls, either on-premises or at their favorite cloud partner, as only display data and inputs would ever be sent back and forth, but no actual data – in other words, containerization in its essence.
Employees would benefit from the ability to access their digital workspace, including their apps and documents, from anywhere, at any time, and from any supported device.
Finally, IT teams also would benefit from more simple and flexible corporate resources management, being able to provision a new workspace in a matter of minutes, fully configured and ready with all corporate apps, adapt its configuration when required to match specific needs, and deprovision it when the employee leaves.
Virtualization offers end-users a secure, digital workspace that can be accessed from anywhere with a seamless, unified experience. If you are interested in learning more about virtualization or implementing it in your infrastructure, the team at ISEC7 would be happy to assist. Please contact us with any questions and the team at ISEC7 can better help you understand your options and what’s needed for your specific environment.
(C) Rémi Frédéric Keusseyan, Global Head of Training, ISEC7 Group