One of the big challenges for IT organizations is ensuring that desktop computers are current with operating system and application software updates and are running the latest anti-malware software and definitions. These software updates are critical for baseline security protection, yet they are also hard to manage. Updates are released at least monthly, which puts a strain on IT staff.
Not only do IT managers need to test the updates to see if they cause any problems with existing configurations, they also must ensure the updates are actually deployed. This can be challenging when some computers connect to the network intermittently and thereby aren’t running with the latest security patches. It’s also difficult to ensure that anti-malware software is running with the most recent definitions; when definitions are months old, they don’t provide much more protection than not running anti-malware software at all.
These risks, caused by the error-prone process of securing user clients, are unacceptable in an era when cyber-attacks can bring a company to its knees.
A shift away from traditional desktop computers to VDI solves the bulk of these problems.
Where VDI improves this situation is in central administration. Administrators only need to keep the central VDI virtual machine images updated. As long as the master image is on the latest security fixes, all the VDI VMs will also have the same protection. The centralized updates also can include the latest anti-malware definitions.
Another security benefit of VDI is that in many deployments, the VM is non-persistent and is discarded once the session ends. This means that any malware that may have gained a foothold during a VDI session will be eliminated when the next VDI VM is deployed from the master image.
Underwritten by HPE, NVIDIA, and VMware