Virtualization is such a broad term and a hot topic among IT professionals. However, just because your organization has conquered server virtualization, or is well underway with confidence, if you proceed with the same desktop virtualization practices, you will be setting yourself up for failure.
As a defined project, many enterprises and smaller companies are investigating and piloting what it will take to abstract the user endpoint and provide it as a service centralized from within the data center. Technology vendors can provide virtualization of an entire user system from the operating system, applications to even personalized applications and data, or they can provide each layer as a distinct abstraction. These would include streamed hosted desktops, virtualized applications akin to terminal services of the past, and user virtualization, providing a means for a consistent user experience across various connected endpoints to the virtual environment. That's a lot of options to consider. How do you measure success and determine the best route to support your end-users, and how might this change security for these solutions?
Server virtualization is clearly out of the hype cycle. It provides the ability to get more efficient with computing resources, data center power and infrastructure. This efficiency provides other benefits such as improved options for higher availability, business continuity and faster disaster recovery methods. The digital consumer experience and appetite for responsive and always-available internet and services crept into enterprise expectations for employees, but fundamentally, the servers originally located in the data center are still in the data center. As long as the server is responsive and meets the business service level agreement, virtualization will provide the infrastructure for ease and more cost-efficiency.
Even best-practice security for virtual servers doesn't alter drastically. Relying on the robust network perimeter defense already established in data center virtualization enables the continuation of granular network segmentation and network service configuration down to the virtual network interface. Proper configuration and diligence with patch management and change control is still critical to mitigate risk across physical and virtual servers. Preventing unwanted and unauthorized changes to the virtual servers, virtual machines and hypervisor layer are also common security policies.
If you provide the virtualization of the endpoints, the workstations and laptops of the corporate users, through virtual data center infrastructure (vdi) you could provide better control of the data, centralize and reduce endpoint management costs, and provide more efficient patching and IT controls to minimize risk. The next logical step would be to start looking at how to re-create the endpoints as virtual desktops or services. This is the pitfall. This thinking worked fine for the virtualization of servers; after all it was just transforming a physical server to a virtualized one. But these desktops are not just infrastructure, they are tools and the means to which employees are productive and interact with corporate data. Through the consumerization of IT, access to corporate data is not always through traditional desktops, as more companies are allowing employee devices to connect to the network and access basic email and intranet services.
Reinventing How Employees Work
This is the perfect opportunity for enterprises to reinvent how employees work and how IT can provide and support this new model. Look at ways to maximize and get the efficiencies of scale out of the most expensive resource in the organization - the workforce.
Don't think you can replace three workstation or laptop models with three virtual desktop workflows. The reality is that only a small segment of your organization can effectively work with dynamic vdi desktops emulating a single type of workstation or laptop. For now, only those in highly regulated industries with the need for strong compliance, or those with very consistent task orientated workflows like call centers, healthcare workers or manufacturing will benefit from a singular workflow. For the rest, a one-size-fits-all model will just not work. The digital consumer experience of being able to personalize and have choices and options is influencing expectations for corporate work environments. Getting closer to the experience of their original workstations and how they were used would be persistent vdi workflows for the corporate user.
Going a Step Further
As architectures begin to develop, and advances in optimized server memory and storage come into play, the option to support persistent vdi workflows is slowly becoming more mainstream and cost effective. The benefits of accessing a personalized corporate virtual desktop from various devices - whether an iPad, smartphone or personal computer - create options for work efficiencies that can truly transform organizations. But don't just look to recreate a traditional workstation through a persistent vdi workflow that allows for personalization. Go one step further, redefine personalization. Instead of personalization being a code word for the end-user freedom to install any application, put some corporate control into what is being introduced into this workspace. Leverage the current consumer digital trend by creating ‘apps' and a corporate app storefront to showcase those recommended and authorized for corporate use. IT can vet the acceptable applications, ensuring that they are not malicious.
This strategy may also need an alternative for measuring success for vdi desktops. Currently, much of the focus is on reaching an acceptable virtual machine density for return on investment. Success should be based on the IT platform and meeting the service level agreements or end-user expectations. The focus should be based on determining whether virtual machine security is preventing unwanted or unauthorized applications or data, and ensuring that the devices connecting through the network to the virtual machine meet minimum security policy standards. If the sole focus is on hitting performance benchmarks, you may miss out on the ability to optimize your workforce, giving them the tools to be agile and flexible to address business issues securely.