• United States

How VDI can help organizations be more secure

Nov 03, 20174 mins
Network SecurityVirtualization

The use cases for VDI have exploded in the face of today’s modern, mobile workforce.

I don’t envy corporate IT teams today. For every automation or convergence that’s made your jobs easier, you’ve been handed dozens of difficult cybersecurity concerns upon which the fate of your company rests (no pressure).

When my team at Wyse introduced thin clients 22 years ago, it was a different world. What’s interesting to see is that, while Server-based computing and Digital workspaces (I’ll refer to them as VDI for ease of reading) has fallen in and out of popularity over the past few years, organizations need it today more than ever.

Modern security use cases for VDI

There are several use cases for VDI that didn’t exist until the modern era of workforce transformation.

Working from home

If you have employees who regularly work from home, you face a range of security threats, from employees’ malware-magnet kids to the family’s relatively unsecure home network. If those same employees are accessing data using a thin client through VDI, there’s 1) no temptation for their kids to use the devices (because they can’t access anything fun), and 2) no risk of obtaining malware from a shared network, because VDI environments are isolated from other activity.

Unsecured WiFi

No matter how many policies you set against connecting to unsecured Wi-Fi, there will always be employees who roll the dice and work from the local coffee shop. Again, VDI makes this a non-issue. Workers can enjoy their lattes while securely accessing data through a secure, encrypted connection that’s impenetrable to the hacker at the next table.

Shared or public computers

Maybe last week, your CEO forgot her laptop when travelling to a conference. Using shared or public computers would normally create security issues, but if the CEO conducts her work using VDI, there will be no trace of her activities on public devices. She can conduct her work from an airport kiosk, or hotel business center securely.

State-sponsored threats

What if your CEO is flying to a country known to take part in state-sponsored cyberattacks and surveillance? A transit authority forces her to sign in to her laptop so he can “inspect” it. If the CEO uses VDI, there will be nothing of value stored on the device. And even with remote-access Trojans and other covert, malware-based methods, the government won’t be able to eavesdrop on what’s happening in the VDI environment.

Overseas contractors working with IP

VDI is offering companies the ability to employ contractors in other countries securely and affordably. Rather than shipping a full workstation loaded with proprietary files to a contractor in Europe or Asia, a company can simply ship a thin client with smart card access. When the contractor has completed the project, access can simply be revoked.

Methods for deploying VDI

The use cases are numerous, and so are the types of thin and zero clients available.

Zero clients are the most secure because they have no OS and no firmware, but have limited use cases. Thin clients are more popular and have a wider range of uses. These clients typically come with a few software options. The most secure option is to use a proprietary firmware technology, like Dell’s Wyse ThinOS, that has an unknown, unpublished API. Other software options include Linux or Windows. Both are inherently secure due to the low attack surface and the nature of VDI itself. Ultimately how you choose between them will depend on the applications and peripherals that you want to use with the devices.

If there’s something holding IT teams back from exploring VDI, it’s the perception that it’s a dated solution. But calling VDI a relic of a bygone era is like saying PCs can’t be useful because they came into vogue in the 1980s. Today’s VDI has evolved thanks to massive advancements in the technology powering servers, graphics cards and the endpoints themselves. It’s purpose-built for a new generation and a modern set of security challenges.

So, if you find yourself daydreaming about a world where mobile endpoints aren’t a constant threat to your security, VDI may be one way to get what you want without physically chaining your workforce to their desks.


Jeff McNaught is vice president and chief strategy officer at Dell Cloud Client-Computing. Jeff is widely considered the most quoted spokesperson for cloud client-computing in the world. With the experience of hundreds of speaking engagements, articles and press interviews, he is an authority on the topics of green IT, desktop virtualization and cloud computing. He joined Dell as part of the Wyse acquisition and leads end-to-end desktop virtualization strategy efforts with his talented team, made up of people from Dell and Wyse.

Jeff joined Wyse in 1987 as an engineer, where his most notable achievement was co-inventing and spearheading the development of the award-winning Wyse thin clients, now with millions of units in use worldwide.

The opinions expressed in this blog are those of Jeff McNaught and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.