My intention with this blog is to create a conversation about the topic of VDI’s (virtual desktop infrastructure) impact on compliance, whether positive or negative. Therefore, please comment with questions and opinions!
I’ve built and used many VDI environments, but VDI’s impact on compliance didn’t occur to me until recently.
I was hired by a client in the financial sector to identify ways of achieving compliance as it relates to devices at the edge and their cloud presence. My conclusion was that we needed to implement a VDI infrastructure, which would prevent anyone from accessing the cloud tenancies unless they originate from certain IP addresses within the organization. At the same time, we would no longer have to worry about “data at the edge” – i.e. devices and handhelds that can contain compliance data and might be subject to theft or information leak.
As we moved forward with the project, I realized there were other benefits of VDI unaccounted for in the original decision to move to a VDI infrastructure:
1. Desktop Isolation
In a VDI environment, the different virtual instances can be prevented from exchanging data with one another, which is hard to implement in a physical environment
2. Unified Access
Users access their VDI environment in the same manner regardless of scenario – normal or disaster recovery; no new accommodations, directives or training for end users must be provided in a business continuity situation
3. Dynamic Load Provisioning
VDI can dynamically allocate resources (RAM, CPU, GPU, etc.) for users with varying workloads, such as in computational modeling
4. Simplified Reference Architecture
VDI can be designed and deployed based on proven reference architecture, rather than making incremental improvements to existing environments
5. Data Loss Prevention
VDI resolves the issue of preventing USB/External drives from leaking data outside the organization
6. Unified Image
VDI provides a unified operating system image that simplifies deployment, training and support
7. Uninterrupted Workflow
Forced reboots no longer affect the end user; patches and updates can run at a very aggressive schedule
Thoughts? Comments? Ideas to investigate? Experiences you’ve had? Please share!