Remote computing is coming of age. With workers in many parts of the world subject to stay-at-home orders due to the COVID-19 pandemic, telework has, for the moment at least, become the norm.
But if keeping company IT assets safe and secure was a challenge when most workers were on site, it’s become a much greater challenge when large numbers of employees are accessing their employers’ systems remotely over the internet. Cybercriminals are already moving to take advantage of what they see as a great opportunity. For example, the World Health Organization (WHO) is already warning of bad actors “disguising themselves as WHO to steal money or sensitive information.”
In this environment, what can companies do to protect themselves from malicious intruders while at the same time allowing their remote workforce to be as productive as possible?
In September of 2019, Microsoft fortuitously provided an answer to that question when it announced Windows Virtual Desktop.
What is Windows Virtual Desktop?
Windows Virtual Desktop, or WVD, is a Microsoft Azure-based service that allows companies to deliver a full Windows experience to their workers, whether on-premises or remote, through the cloud. As the name implies, with WVD the Windows desktop, along with Windows-based applications, are accessed virtually. In fact, the entire Windows environment, including applications, data, the user’s desktop interface, and even the Windows operating system itself, are all housed in the cloud rather than on the user’s local hard drive.
A major advantage of a virtualized approach like WVD is that access now becomes device- and location-independent. WVD desktops and applications can be accessed through Windows, MacOS, Android, and iOS devices. So, remote workers can use their laptops, tablets, and even smartphones to run Windows applications. And with its HTML 5 support, WVD services can be accessed through almost any of the popular browsers, including Edge, Chrome, Firefox, and Safari.
WVD allows you to choose either Windows 7 or Windows 10 as the virtual operating system. Any application that runs in either of these environments on a local computer will also run virtually through WVD. With its Windows 10 multi-session feature, WVD allows multiple users to log into the same virtual machine (VM) and virtualized Windows desktop. Or, if desired, each user can be assigned a separate VM with their own individual desktop.
Benefits of WVD
WVD offers some important benefits to small and medium-sized businesses (SMBs) and large enterprises alike. Let’s take a look at some of the most prominent. Note that in this discussion a “workstation” can be any WVD-enabled device, from a full desktop computer to a smartphone.
1. Complete Windows compatibility
As previously mentioned, any application that runs in a Windows 7 or 10 environment, whether homegrown or commercial, will run in WVD. That means all your legacy Windows applications will work fine under WVD. Productivity applications with which your users may already be familiar, such as Microsoft 365 (the new name for Office 365), are available. In addition, WVD is especially optimized for multi-session use with Office 365 ProPlus.
2. Access from anywhere and any device
With the WVD client installed on their Windows, MacOS, Android, or iOS devices, or by using any device that supports a modern web browser, your company’s workers can access their desktop and applications from essentially anywhere in the world.
3. Enhanced Security
The security advantages provided by WVD are immense. First, user workstations can be (or can be treated as) thin clients with no local storage of their own. This means that your company’s sensitive and mission-critical data need never be downloaded to the devices of your remote workers. Instead, data remains centralized and secure in cloud storage. The applications that work with that data are themselves executed in the cloud, and can be launched and controlled through the user’s virtual desktop interface.
A critical advantage is that even if users are careless about important security practices, such as keeping the anti-malware apps on their devices updated, the fact that neither protected data nor critical applications are actually running on the employee’s device provides a crucial extra layer of protection from having your system compromised by malware or phishing attacks aimed at remote workers.
Perhaps the most important benefit of WVD is that it allows security to be centrally managed. Your IT administrators can perform software upgrades or configurations once rather than having to do so for each individual workstation. The same user access management standards, such as strict password controls and multi-factor authentication, can be enforced on all workstations wherever they may be located. Plus, centralization allows administrators to better monitor which employees should be given access to particular applications or data based on the requirements of their roles in the organization.
All this significantly lowers your vulnerability to malicious actors, whether external or internal, and to the careless errors even the most conscientious of human workers can’t completely avoid.
4. Improved Disaster Recovery / Business Continuity
With WVD your DR/BC plans don’t have to be concerned with protecting or recovering data that’s scattered across a multitude of local devices. You need only ensure that the central data store is appropriately protected and replicated to enable swift recovery if an operational disruption occurs.
Even if a disaster should devastate some of your physical work locations, employees can quickly get back into the flow of your business from home or any other location by logging into their WVD portals using any device that can support a web browser.
5. Centralized management and support
Because applications as well as data are centralized, there’s no need to depend upon users to correctly install software, upgrades, or fixes. With WVD, IT administrators manage remote workstations from a central administrative console. That allows them to install software applications and tools, and to troubleshoot problems, much more efficiently than if they had to deal with applications running on a multitude of individual devices. Similarly, maintenance and upgrades to software or hardware are simplified by the fact that they can all be accomplished in a centralized location. (Even if data storage is spread among a number of physical facilities, IT admins can treat it as a single virtual data store).
The fundamental advantage of WVD from a management and support perspective is that it is a service built atop the highly mature Microsoft Azure cloud computing platform. By leveraging the well-established management and provisioning features provided by Azure, WVD allows your IT administrators to focus on managing your company’s virtual Windows environment without having to worry about the underlying hardware and software infrastructure.
6. Increased employee productivity and satisfaction
One of the most challenging and frustrating aspects of working from home is that employees who lack IT skills or experience are often required to figure out on their own how to connect into the company system and deal with the glitches that inevitably occur. With WVD and the centralized IT management it enables, much of the burden of handling such issues is lifted off the shoulders of individual employees.
In addition, the ability to access their online work environment from wherever they happen to be, using their preferred devices, provides employees with a level of flexibility far beyond what could previously be attained.
By allowing remote employees to concentrate on doing their jobs rather than on the nuts and bolts of getting and staying connected, WVD makes a definite contribution to increased worker satisfaction and productivity.
7. Easy deployment and scaling
Because it taps into the world-class provisioning capabilities of the Microsoft Azure platform, WVD is inherently highly scalable. Azure Virtual Machines and Azure Storage can be allocated as needed. Once your company’s WVD framework has been set up, applications can be deployed and scaled literally in minutes. WVD also provides the flexibility of delivering either the full desktop environment, or just selected applications, to specific workstations.
8. Significant cost savings
WVD has the potential of delivering substantial cost reductions in several different dimensions.
First, hardware costs are minimized because you don’t need to purchase fully equipped personal computers for use as workstations. As we’ve seen, thin client workstations, which can be far less costly than traditional PCs, work well in a WVD environment.
In many cases, companies forego purchasing hardware at all, allowing remote employees to use their own personal devices, with appropriate security safeguards installed. This is simply a further application of the BYOD (Bring Your Own Device) trend that has become increasingly popular over the last decade or so.
Because upgrades and maintenance are centralized, the costs associated with providing ongoing support for a large number of hardware units are substantially reduced.
Not only does WVD minimize CapEx outlays for hardware, but it also helps reduce your monthly cloud service charges. That’s because WVD can be thought of as essentially a “desktop as a service” product. And as is normal with such offerings, you only pay for the resources you actually use. By making use of the multi-session capability of WVD, which allows multiple users to access the same desktop virtual machine, you can reduce the number of Azure virtual machines you use and have to pay for.
WVD will be a game changer
As we move forward in this brave new world where telework will be much more the norm than it has previously been, companies that are early adopters of WVD will almost certainly gain a leg up on their competitors. Applied Innovations is one of Microsoft’s closest WVD partners. If you’d like to explore how WVD can work for your company, we’d love to help. Please contact us.