ra2 studio - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Should businesses use HTML5 remote desktop clients?

HTML5 clients can serve as a widely accessible, mobile friendly way for users to access virtual desktops, but there are still a few security kinks to work out.

Browser-based clients are becoming more popular for delivering virtual desktop access, because they offer a simpler approach for both IT and end users. Even though HTML5 could be the future of desktop virtualization, security-conscious organizations might be a little hesitant.

The value proposition is very enticing because HTML5 browsers are pretty ubiquitous. We have them on computing devices ranging from tablets and smartphones to Google Chromebooks and laptop PCs. Some companies and end users will soon have televisions with embedded browsers, and the Internet of Things could even bring us refrigerators with Google Chrome built in. With all the support for browsers, let's examine whether businesses should use HTML5 remote desktop clients. 

Benefits and downsides of using HTML5 clients

With the browser-based approach, IT administrators don't need to install client software locally on users' PCs or other devices. HTML5 remote desktops also don't store any data on the client itself. Instead, data reaches the client through the WebSocket protocol. That means administrators don't have to worry about securing data locally on users' personal devices and employees can access their corporate data from anywhere.

HTML5 supports mixed media very well and is also the industry standard for Web pages, which means you can depend on these browsers to keep up with technology advances. Browsing is also the only common paradigm across all client devices, so HTML5 browser-based clients are an even better option for organizations focused on mobility.

There are potential negatives to using an HTML5 client, though. Browsers are attack targets for hackers, which will raise red flags for companies that can't compromise on security. Key logging and data stream capture are two examples of potential attacks. These are problems with the other desktop virtualization alternatives, too, but the sheer volume of browsers makes them a prime target.

Once HTML5 clients become more secure, the browser-based approach should become the main strategy for organizations doing desktop virtualization. Using HTML5 as the sole client-facing interface for apps, virtualized desktops and Web pages will help simplify the IT industry.

Next Steps

Learn why HTML5 apps are ideal for enabling mobile workers.

Dig Deeper on Virtual desktop infrastructure and architecture

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Are HTML5 clients worth the security risk?
I'm not sure I can agree with the premise of this article that since browsers are security attach targets we should not use them for VDI desktop access. I am using Chromebooks for this purpose for over 2 years and have over 500 users. Chrome OS is a very secure platform and I have seen no evidence of key stroke logging attacks successfully implemented there; or other types of attacks for that matter. The cost and complexity reduction associated with this platform is significant and I trust Google's ability to secure the environment. Chromebooks are always overlooked when people write about this subject. It certainly makes no sense to run a desktop in browser on a PC, phone, or tablet since there is a readily available client. However, the simplicity of Chromebooks far outweighs the perceived risk you mention above.