grandeduc - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Businesses eye VDI security to fight cyberattacks

The rise of data breaches puts security as a top priority in businesses, and VDI is a layer that can help IT minimize the number of vulnerable endpoints.

Security is top of mind for businesses more than ever before, which is why IT pros look to VDI security as a layer of protection they need.

VDI makes the enterprise more secure by minimizing the number of endpoints a hacker could reach. No content is stored locally on devices, allowing IT to focus on securing the data center. Regulated industries such as financial services, especially, must be aware of the threat of hackers, said Logan Rosenstiel, systems administrator at Rivermark Community Credit Union, a Citrix XenApp and XenDesktop customer in Beaverton, Ore.

"People, for all different reasons, are looking to target organizations, especially financial organizations such as us," Rosenstiel said. "We take information security very seriously. You have to protect yourself. I think that's a valid reason to make the investment in VDI."

Common attacks that can breach organizations' data centers include distributed denial-of-service (DDoS), ransomware and brute-force attacks. In a DDoS attack, the data center is overloaded with traffic from infected computers, shutting down all of a company's services. In a brute-force attack, hackers bombard the authentication layer of the data center with different passwords until they find the right one to infiltrate the network. A ransomware attack is when a hacker encrypts data so an organization can't access it and demands payment in return for the decryption.

There were about 1,500 breaches by hackers in 2015, up from about 500 in 2011, according to the Verizon "2016 Data Breach Investigations Report."

This rise in attacks has made businesses more sensitive to the issue of cybersecurity -- even cyberterrorism, which became a major topic during the presidential debates, said Kirill Tatarinov, CEO of Citrix, on this week's company earnings call.

Overall, awareness of cyber security is escalating quite dramatically.
Kirill TatarinovCEO, Citrix

"Overall, awareness of cybersecurity is escalating quite dramatically," he said. "This is certainly a major threat that everybody is feeling and everybody is experiencing."

Businesses need to take a layered approach to cybersecurity, meaning they need multiple security tools to protect themselves across the front- and back-end infrastructure, and VDI security is just one part of that, said Matt Kosht, an IT director at a utility company in Alaska and a XenDesktop customer.

"VDI definitely makes the surface area you have to secure a lot smaller," he said. "If you are adopting a layered approach, this is a layer you could use to advance security."

VDI security benefits are a big reason why IT buyers consider the technology to help reduce endpoint vulnerabilities, said Robert Young, a research analyst at IDC Research Inc.

Because VDI endpoints can't store corporate data, IT doesn't have to worry about them as a security threat. If IT allows users to access personal cloud storage or email services on their corporate devices, for instance, any breaches of those systems can't affect the corporate data on the user's virtual desktop because the data isn't local.

"Once that virtual session is terminated, the user doesn't have access to that data," Young said. "If you keep chewing down the value prop of virtual client computing on the IT side, it's really about security."

Next Steps

VDI app and OS updates come with challenges

What are cyberweapons?

Healthcare industry fights back against cyberattacks

Dig Deeper on Virtual desktop management