Maintaining VDI security hygiene without resistance from employees

CISOs are all too aware that maintaining 100% uptime is essential for productivity, and to this end they prioritise the availability and protection of their organisations’ systems. The spectre of the WannaCry ransomware attack, which cost the NHS in the UK millions and could have been fended off by a software update made available weeks before, looms large in the minds of anyone with responsibility for security.

It’s understandable. The cyberattack surface is constantly growing, and as well as safeguarding their companies and their colleagues against corporate threats, many CISOs feel they are now obliged to become the go-to authority on volatile global and national security issues too. 

Their determination to close gaps in their corporate armour by strictly imposing a rigid upgrade programme, however, can meet with considerable resistance. One of the biggest challenges is establishing a more cyber-security-focused culture. All too often the security team are regarded negatively, seen as imposing disruptive processes that are considered unnecessary by other departments. Many employees don’t want to engage with cyber-security practices, and while they fully expect to have access to systems and solutions 24/7, they have little patience for the impact on their everyday tasks that an update might present. Human nature also plays its part in the delaying tactics that are used to avoid installations that could change or impact employees’ familiar interactions with existing applications.   

The difficulty of keeping remote workers secure

Putting in place a cyber-security culture was tricky enough when employees were office-based, but it has become even more so now that hybrid and remote working are the norm and reliance on remote managed and unmanaged access solutions is commonplace.

Cloud-based solutions that provide virtual desktop and virtual PC infrastructure, including Citrix, Azure Virtual Desktop, Windows 365 and VMware, have helped to establish hybrid working as standard practice. Not only do they deliver the data and applications that employees need, they also enable companies to control resources such as identity and access policies and make system administration much easier. The flip side to this, however, is the frequency of security updates and re-configuration that must be factored in to protect users and information.

From a CISO’s perspective, virtual infrastructure allows them to keep their arms around the security ecosystem. They can take advantage of the often monthly patches to physical servers and guest virtual machines and keep systems up to date with new software versions as and when they become available, knowing that this will protect against recently launched malware and remote access security flaws.

While some security software updates can take just minutes, others can take hours, involve reinstallation, and require the involvement of employees, and this can have operational implications. Employees are no longer in a confined, controllable space using only company-managed endpoints. Instead, a mixture of managed and unmanaged devices is now more commonplace, and while CISOs are under pressure to keep security update activity to a minimum, they are only too aware that they must balance this with the potential risk of a cyberattack and the growing vulnerability of unmanaged devices.

There is no doubt that virtual desktops, particularly those that are regularly updated with security patches, can enhance systems against attacks on applications and data at a cloud level. Securing data input at the endpoint – even a virtual endpoint – however, carries the same risk that it always did.  

New approach could solve the issue

It is possible that adopting a new security strategy and/or implementing just one type of security solution could provide the answer to both problems – enabling CISOs to reduce disruptive updates and at the same time defend devices against attack.

Fundamentally, and against a backdrop of increasing cyberattacks, all organisations should be implementing zero trust. It may not be a popular approach with employees initially and requires considerable buy-in at every level from the C-suite down, but it is the most effective way to ensure that access is given only after the user or device is assessed and verified.

If zero trust is just a step too far, or while it is being established, CISOs should be looking for a security solution that enhances and supports their existing remote access infrastructure. This needs to protect against the most insidious cyber-attacks, such as kernel-level keylogging and screen grabbing, which are commonly deployed on unmanaged endpoint devices as a means for bad actors to gain entry to corporate networks.

This type of protection, which is as effective in defending virtual desktops as it is in combatting attacks on any physical device, will wrap data and applications securely, ensuring that they are containerised against malware, without any need to identify the malware itself. 

Combatting the complacency of employees when it comes to spending time on cyber-security practices means finding solutions that are easy to implement and deploy, and most importantly, which require a single download to the device they are using. CISOs or administrators should have visibility over who has already downloaded the solution and straightforward mechanisms to ensure non-users are directed to download it so they can gain access to their virtual desktop infrastructure. 

The net effect of this is that any device, whether it is outside the physical corporate perimeter, within it, or in transit, will continue to be protected. CISOs will also have the reassurance of knowing that they can achieve a more workable approach to keeping the company, and employees, secure, and can reduce the frequency of updates that threaten to impact operations, or which are meeting resistance from colleagues. 

Dave Waterson

Dave Waterson is CEO at security company SentryBay and an expert in endpoint and application security. His technical focus areas are anti-keylogging, anti-phishing, data security, secure browsing, IoT, mobile security, identity theft and cloud-based security. He was included amongst the top 10 tech thought leaders identified by A.T Kearney at the World Economic Forum in Davos and is a winner of the Great British Entrepreneur of the Year Award, for cyber security.
