What’s one of the biggest differences between traditional VDI and DaaS? According to the research — it’s security.
A recent Forrester Consulting Total Economic Impact™ (TEI) Study commissioned by Citrix says that 58 percent of organizations believe that hosted desktops are more secure than traditional desktops. But when we talk to organizations that rely on on-premises offerings about IT modernization and migrating desktops to the cloud, they tell us that one of their most significant barriers to cloud adoption is the fear of increased security risks. While these fears aren’t entirely baseless, the larger truth is that when compared to the datacenter-based solutions of old, DaaS is, at the very least, just as secure and, in most cases, even more secure. That’s especially true when it comes to delivering new models of secure hybrid work.
While there’s no clear-cut answer as to why so many organizations believe the myth that moving to the cloud introduces unnecessary risk, what is clear is that there’s a lot of data that speaks directly to the security benefits of DaaS. Research from Forrester, ESG, and IT Central Station points to the fact that the ability to secure and protect apps and data is more likely to improve when desktops are deployed in the cloud. And that prioritizing DaaS models is vital for IT decision makers who need to help their organizations embrace a future that is poised to be nothing short of cloud-first.
What Forrester says about cloud desktops and security
According to the Forrester™ TEI Study:
- Survey respondents estimated that 44 percent of revenue was at risk two years ago, based on the number of employees requiring access to company data and the procedures and security tools at that time. Today, (post-migration) this has dropped to 33 percent.
- With the Citrix solution for DaaS, employees don’t download data to their devices. They can view data on the remote VM running in Microsoft Azure. This is a critical security feature for remote workers accessing sensitive company data
- With Citrix’s cloud services, the risk of data leakage is lower as remote employees can use home or public internet access with less risk of snooping.
- Organizations can also block employee downloads without impeding work, and cloud services are up to date with the latest patches.
- Employees have convenient, secure access to company resources, allowing them to save a significant amount of time, even when working remotely. This adds up to $1.9 million over three years.
- With the Citrix solution for DaaS running workloads on Microsoft Azure, including the Azure Virtual Desktop entitlement, customers could deliver secure, managed virtual experiences for employees working anywhere on any device. Given the effects of the COVID-19 pandemic, this was an especially valuable feature as a significant number of employees needed to transition to a work-from-home setting almost overnight.
What ESG says about the cloud and security
According to the recent ESG study, “Are Desktops Doomed. Trends in Digital Workspaces, VDI, and DaaS”:
- As organizations focus more on delivering digital workspace environments that include apps, data, and devices, the number one priority for organizations is improving employee collaboration. However, the study says that “security continues to be a top priority as organizations look to protect and secure an expanding perimeter. Specifically, IT professionals,” it says, “are prioritizing the abilities to both detect and respond to security incidents. Additionally, organizations want to control and set conditions for endpoint security policies that balance security with end-user productivity.”
- 79 percent of the study’s respondents say they believe alternative desktop delivery models such as VDI and DaaS are more secure than traditional desktop delivery models.
- DaaS has indeed “ridden the cloud surge to close the adoption gap with VDI. And can deliver improved security and BC/DR, as well as reduced OpEx …”
- “Desktop-as-a-service is enabling companies to improve security and keep sensitive data off devices as workforces continue to become increasingly mobile and employees become more likely to work remotely.”
What the IT Central Station Peer Paper™ Report 2021 “Making the Move to Desktop as a Service (DaaS): Aligning Security with Productivity” says
- DaaS and Securing Remote Work: It’s what makes DaaS-driven productivity feasible, and based on their experiences with the Citrix solution for DaaS, IT managers said the solution was essential in ensuring security for remote, DaaS-based users. While users, on the other hand, pointed to features including security analytics and support for policies like zero trust and endpoint security as critical.
- Security Analytics: Analysis of security data is a crucial element in ensuring security for DaaS users and the systems and data they access. As a Technical Team Lead at an energy/utilities company with over 1,000 employees explained, “Citrix Virtual Apps and Desktops, its analytics, and security policies will allow us to quickly identify any anomalies in an automated type of fashion using AI, which will allow the technology to act upon those anomalies without any human intervention.”
- Establishing Zero Trust: For DaaS users, an increasingly important requirement appears to be support for the zero trust security model. This is the case for the software company Senior Engineer, implementing zero trust as a security strategy. He said, “Citrix is excellent as an end-to-end solution for implementing zero trust principles. We are able to use security analytics to determine whether a device or a user has been compromised, and we can actually then log the user off or block the user from accessing our Citrix environment.”
- DaaS and Endpoint Security: Even though it’s a virtual desktop, DaaS still functions on a real endpoint device. As a result, endpoint security is a significant aspect of securing DaaS users and the organization that deploys DaaS. A Citrix Engineer at a legal firm with over 1,000 employees offered insights into how this works. He said, “The security of your intellectual property and data when remote employees are using Citrix is very high because, with Citrix, you can limit access to the local device and access to the network.” Users cannot copy files if policies prevent that action between the Citrix session and the endpoint. It is also possible to prevent printing or block any data from leaving the virtual desktop.
This is only a sampling of the proven insights leading research and analyst firms say demonstrate that DaaS can only strengthen your approach to securing apps and data in a world that is not going back to an in-office-only work model. Cloud migration is a must and can indeed take place on a timeline that meets your organization’s unique needs.
Learn more about dispelling the cloud security myths that may be holding your organization back from migrating desktops to the cloud.