Virtual Desktops in the Cloud: Changing the Face of Desktop Security. A Desktone Whitepaper

Transcription

1 Virtual Desktops in the Cloud: Changing the Face of Desktop Security A Desktone Whitepaper

2 Contents Executive Overview.2 Desktops... 3 Desktop Management... 4 Desktop Protection and Data Loss... 6 Desktop Communication... 8 User Monitoring... 9 Conclusion About Desktone... 10

3 Executive Overview With an increasingly competitive and hostile business operating environment, it is important to identify and minimize risks, while embracing changes that allow us to thrive and grow in the marketplace. This paper will briefly examine the evolution of the personal computing environment and how organizations can reduce security risk while providing benefits for both the business and the employee.

4 Desktops Value of the desktop There is no question that the personal computer (PC) has brought tremendous value to both the business and the individual. While early forms of the PC and desktop operating environment were limited in ability, performance and value, the tremendous growth in computing power and the proliferation of both commercial and non-commercial software have enabled users to quickly perform essential personal and business tasks. With the explosive growth and increasing interconnectivity of the desktop, there are three core values exposed: business efficiency, information availability and entertainment delivery. Experts predict that more than one trillion devices will be connected to the Internet by Individuals do not use PCs because the tangible hardware or operating system is valuable, but because of the real and perceived value of the desktop, applications and information. Emergence of the virtual desktop Just as the PC has continued to evolve, a parallel technology has been driving innovation and efficiencies in the datacenter: virtualization. Virtualization is nothing new. In fact, it has been around for decades. Virtualization is the disconnection of the tangible asset (hardware) from the computing environment which runs on top of it. This has delivered tremendous benefit to the enterprise by allowing for increased utilization of limited computing resources and scaling with enterprise demand. However, a more recent application of this technology has been applied to desktops. Separating the hardware from the desktop running on top of it has significant benefits for the user and the business. For example, it allows the business a much faster on-boarding process when employee resource demand is elastic or when an acquisition takes place. For the employee or home user, it provides the flexibility and mobility to access their desktop from any computing device including home computers, laptops or the latest mobile device. Cloud hosted virtual desktops The term cloud is a metaphor that represents the flexible and elastic nature of Internet based computing resources. Based on the shared usage model of computing infrastructure, platforms and applications, many businesses have recognized the value of consuming essential services such as user management, hosting, and shared file storage from a cloud based service model. This dramatically reduces the internal expertise needed to stand up these complex infrastructures and allows the business to focus more aggressively on their value model. It is a natural and logical evolution for virtual desktops that they also should be provided as a service from a cloud based provider. This eliminates the need for IT experts with the very scarce knowledge of complex virtual desktop infrastructure deployments, while adding the value of enterprise scale data centers and high performance networks. Cloud based virtual desktops also eliminate the need for 1

5 expensive upfront capital expenditure, and moves the desktop cost into a more business-friendly operational expenditure model with rapid desktop provisioning. Importance of securing the desktop With an increased dependence on desktops as a critical part of the new business and personal utility model, careful consideration of desktop security is essential. Not only is valuable intellectual property, financial data and personal information regularly accessed, viewed and managed within this environment, but the user may also accidently or intentionally behave in a way that places the business at risk. All of these concerns can be categorized into a simplified list of four desktop security considerations: management, protection, communication, and user monitoring. Manage Ensure the desktop OS is effectively secured Monitor Assess user compliance with corporate guidelines Protect Defend the desktop from unauthorized access Communicate Ensure the desktop has secure communications Desktop Management The desktop environment has come under persistent and increasing attack from individuals and networks with malicious intentions. Recent reports have demonstrated that malicious software such as viruses, worms, trojans, backdoors and other forms of malware distribution continue to evolve and propagate. 2 While there are currently no studies that distinguish between traditional and virtual desktops, infection rates among client desktops range as high as 3.7% for some regions, while infected desktops located in the United States averaged around 1.3%. 3 In the first half of 2010 alone, more than 20 million computers were cleaned of malware. Clearly there is a real and persistent challenge for the IT staff to effectively minimize this risk

6 The technologies that have evolved around desktop management are plentiful. Anti-virus, antimalware, rootkit detection, and personal firewalls are only a few of the tools in the IT security toolbox which are often deployed to all desktops at a significant expense to the business. Beyond the individual desktop, enterprise wide desktop management tools are also deployed in the form of agents or monitoring software to facilitate such capabilities as configuration management, patch management, end point controls and application lockdown. Industry studies have shown the patch and configuration management segments alone to be millions of dollars worldwide and growing. As employees continue to ask for corporate access from newer and more exciting computing devices, this desktop management problem promises more challenges for the future. Traditional desktops The continued growth of malware infection rates only proves that the security management of traditional desktops is failing. With a one to one ratio of hardware to desktop demanding a model of geographically dispersed systems, this decentralization makes for an almost impossible management quagmire. Compounding the management challenges are mobile or travelling workers who are intermittently connected to a corporate network and the potential lack of local IT resources or support staff to address a problem when it arises. The current environment and outlook for the security management of traditional desktops is bleak. Virtual and cloud hosted desktops While the lack of centralization has led to a grim outlook for traditional desktops, the centralized nature of virtual or server based desktops holds both current advantages and even more promise for the future. Most of the current technologies that address the security of the desktop can be run in a virtualized environment. Essential components such as anti-virus are as easy to install on virtual desktops as they

7 are on traditional desktops. This is not to say there are no considerations to be made. For example, having 100 users all initiate resource intensive virus scanning at the same time on a single physical server, could cripple user experience and cause performance issues. However, with proper foresight and planning, these challenges can be eliminated entirely. A significant advantage of the virtual desktop is that the individual desktop never escapes central visibility, and tasks such as policy controls and patch management can be consistently applied. Further, some management capabilities such as end-point control are inherent to the protocols used in the virtual desktop and are easily deployed with no additional cost, while others such as personal firewalls can be extracted from the desktop into the underlying hypervisor requiring less desktop resource consumption and reduced licensing costs. The view for desktop management in the future is even better. While the current status for some technologies requires a similar approach to traditional desktops, i.e. installing the software or agent on the individual desktop, exposed interfaces in the hypervisor promise that tasks such as anti-virus may potentially be eliminated entirely from inside the individual desktop. This same evolution of centralized control is also evolving in the layering of operating systems, applications and profiles to allow for single step patch and configuration management. The capabilities will only serve to reduce complexity and requirements for desktop synchronization. While some of this management can seem daunting for the small and mid-size business, the benefits of this centralization can easily be realized through the cloud hosted virtual desktop model where the experience and maturity of previous clients can be applied immediately. Desktop Protection and Data Loss Not only is there tremendous business expense around desktop management, but the protection of desktops has also presented an equally significant challenge. In 2010 alone, more than 1.6 million data records were known to be lost on stolen laptops and computers. 4 This does not include the numerous incidents when the actual quantity of records was unknown or when the stolen computer was not reported. It also excludes the incidents when old hardware is sold or disposed of incorrectly. Protecting the data and intellectual property on the desktop has proven to be difficult. Not only are desktops physical assets that need to be protected, but there are also other means of unauthorized access: physical proximity or exposed remote desktop connections. The username and password are often the last, yet weakest, line of defense. Research has shown that one in nine users select one of the top 500 most common passwords, and that one in fifty select one of the top 20 most common passwords. 5 Desktops users are often predictable and make poor security decisions Mark Burnett, Perfect Passwords (Syngress Publishing, 2006), p. 108.

8 Traditional desktops The decentralized and mobile nature of traditional desktops has led to poor desktop protection by means of theft, loss, or hardware disposal. As the workforce becomes more mobile and offices are either closed or the business is more geographically dispersed, there is little prospect of better desktop protection. More sophisticated businesses are using technologies that employ hard drive encryption for the actual physical assets. However, as employees are increasingly asking to use new and varying mobile devices, these kinds of policies are difficult to implement consistently. As IT teams struggle to improve desktop security, password policies are being reviewed to require better and stronger passwords. Even security savvy users are often frustrated with the number of passwords they are required to remember and counter this by reusing passwords or incrementing numbers through password changes. Virtual and cloud hosted desktops Virtualized desktops can offer considerable benefits around the protection of the desktop, yet they face some unique challenges of their own. The centralized nature of the desktop means that a lost device is simply a lost piece of hardware. The millions of records exposed through theft, loss, and poor disposal means do not apply as the desktop is not physically located on the device. However, the centralized nature of the virtualized desktop means that a new group of people can potentially gain unauthorized access to the desktop namely the IT or operations team. What is to prevent an unauthorized individual from zipping up and downloading a virtual desktop from the datacenter and using it for malicious intent? This is a special challenge for the small and medium business market. Large enterprises offering on-premise models and cloud hosted virtual desktop

9 models offer the needed protections and policies for this type of access. Least privilege access controls, employee screening, regular confidentiality agreements, and training all address this concern. It is also valuable to ask for desktop protection assurance with appropriate multi-tenancy and segregation controls. Cloud based desktop service offerings will explicitly include the needed separation of duties between the service provider, the enterprise IT team and individual groups of desktop users. However, it is a mistake to ignore this for the on-premise virtual desktop deployments. It is not always appropriate or legal for all corporate groups to be running within the same tenant. For example, in a securities firm, investment banking activities are legally required to be separated from the research and brokerage activities to avoid conflicts of interest. In the small and medium business, there might not be such stringent controls for the desktop, but multi-tenancy and segregation can be highly desirable for liability or business policy reasons. Desktop Communication Not only is the data and information on the desktop to be protected, but the communication between the desktop and connected devices must also be secured. An obvious example of this requirement is the communication between the payroll administrator and the bank. If this communication was to be captured, intercepted or altered, there could be significant repercussions for the business. Transport layer security has become a required and critical part of our desktop environment. The implications of this for traditional and virtual desktops need to be considered. Traditional desktops At first blush, it may seem that traditional desktops are secure. That is, the desktop is already on a segmented, internal network that is not exposed to the Internet. For the mobile employee, a virtual private network (VPN) is often used to ensure the protection of the communication between the desktop and organization. However, statistics again show that the insider threat is real. As much as 8% of data loss incidents have originated from a malicious insider, while a staggering 45% of data records reported lost have involved a trusted third party. 6 These statistics point to an undisputable fact that the perimeter does not protect the traditional desktop when communicating with organizational peers, third parties or applications available on the Internet. Does the user know that communication with an SSL encrypted application may potentially be compromised when they see the warning message about an invalid certificate? Ironically, the employee is often conditioned to ignore this due to self signed certificates within the organization. Virtual and cloud hosted desktops Virtual desktops have an undeniable advantage when it comes to desktop communication. In fact, the front end communication between the user and the network is nothing more than a protocol which renders the visual, audio, media and component related aspects of the desktop. The more common 6

10 protocols used for virtual desktop delivery all use encryption including Remote Desktop Protocol (RDP), Independent Computing Architecture (ICA), Remote Graphics Software (RGS) and PC over IP (PCoIP). While some deployment guides for virtual desktops have recommended disabling this encryption for performance reasons 7, security would dictate that this is not a best practice in most situations. It would be a mistake to believe that front end encryption is sufficient security for the desktop communication. It is also important to secure the backend communication between the virtual desktop and network resources such as Active Directory, shared storage and enterprise databases. While this might be an obvious component of cloud based Desktops as a Service providers or large enterprises, ensuring that the appropriate VPN connections or multiprotocol label switching (MPLS) are configured correctly and comprehensively is often missed by small and medium businesses. User Monitoring A last and often overlooked category of desktop security is users themselves, and whether or not they are acting in accordance with corporate policy. Their cause of a security incident may range from accidental, to unintentional, to deliberate and malicious. Regardless of intent, the outcome of user activity can be costly. An employee may not believe that posting comments on a social network site could lead to a security incident, but an insignificant status update could lead to the ruin of a marketing or sales plan. An employee may not have explicit guidance about downloading images from the internet, but this could lead to corporate liability and fines. At the other end of the spectrum, incidents have been reported where user activity has been directly malicious and the security implications are tremendous. A recent incident involving a Private First Class leaking thousands of sensitive war documents has led to a White House condemnation. 8 The security conscious company will not only want to secure the desktop, but the activities of desktop users to prevent data loss, corporate liability or errant employee behavior. Traditional desktops While many technologies exist for data loss prevention (DLP), intrusion prevention systems (IPS), and user behavior monitoring, these are very much dependent upon the user actually connecting from a network or location where the technologies are deployed. Furthermore, the cost and complexity of managing these devices is non-trivial. The decentralized model of traditional desktops does not lend itself well to providing effective user monitoring on the network. Virtual and cloud hosted desktops

11 Virtual desktops not only offer the benefit of a centralized management point for user monitoring capabilities, but also provide efficiencies of scale. A virtual security center can be deployed to allow for high speed DLP and IPS appliances to monitor user behavior and protect them from decisions that could cause security concerns. Conclusion Desktops, virtualization and security: To many, these three terms may seem mutually exclusive as they are by historical perspective and traditional consideration, in opposition to one another. Desktops offer individuality, personalization and are based on distributed users. Virtualization is associated with flexibility, mobility and cost effectiveness. Security is perceived as being inflexible, rigid and controlled. One has only to think of new and more effective business models, and they will quickly realize that virtual desktops offer immense benefits, can be deployed quickly, are cost effective, and in the case of a Desktop as a Service offering, require no upfront capital expenditure. The added benefit of the virtual desktops is an ability to manage, protect, communicate and monitor with far greater security than the traditional desktop counterpart. About Desktone Desktone is changing the way people buy and manage desktops. Desktone pioneered the concept of Desktops as a Service (DaaS), the easiest and most affordable way to deploy cloud-hosted virtual desktops. The Desktone Cloud, Desktone s DaaS offering, provides all of the benefits of virtualized desktops without any of the hassles. By delivering virtual desktops in the cloud, Desktone enables businesses to rapidly provision desktops to users on any device, anywhere, without the upfront costs and complexity of traditional desktop virtualization transforming desktops from a CAPEX to OPEX item. For more information about the Desktone Cloud, visit