Maintaining VDI security hygiene without resistance from employees

CISOs are all too aware that maintaining 100% uptime is essential for productivity, and to this end they prioritise the availability and protection of their organisations’ systems. The spectre of the WannaCry ransomware attack, which cost the NHS in the UK millions and could have been fended off by a software update made available weeks before, looms large in the minds of anyone with responsibility for security.

It’s understandable. The cyberattack surface is constantly growing, and as well as safeguarding their companies and their colleagues against corporate threats, many CISOs feel they are now obliged to become the go-to authority on volatile global and national security issues too. 

Their determination to close gaps in their corporate armour by strictly imposing a rigid upgrade programme, however, can meet with considerable resistance. One of the biggest challenges is establishing a more cyber-security-focused culture. All too often the security team are regarded negatively, seen as imposing disruptive processes that are considered unnecessary by other departments. Many employees don’t want to engage with cyber-security practices, and while they fully expect to have access to systems and solutions 24/7, they have little patience for the impact on their everyday tasks that an update might present. Human nature also plays its part in the delaying tactics that are used to avoid installations that could change or impact employees’ familiar interactions with existing applications.   

The difficulty of keeping remote workers secure

Putting in place a cyber-security culture was tricky enough when employees were office-based, but it has become even more so now that hybrid and remote working are the norm and reliance on remote managed and unmanaged access solutions is commonplace.

Cloud-based solutions that provide virtual desktop and virtual PC infrastructure, including Citrix, Azure Virtual Desktop, Windows 365 and VMware, have helped to establish hybrid working as standard practice. Not only do they deliver the data and applications that employees need, they also enable companies to control resources such as identity and access policies and make system administration much easier. The flip side to this, however, is the frequency of security updates and re-configuration that must be factored in to protect users and information.

From a CISO perspective virtual infrastructure allows them to keep their arms around the security ecosystem. They can take advantage of the often monthly patches to physical servers and guest virtual machines and keep systems up to date with new software versions as and when they become available, knowing that this will protect against recently launched malware and remote access security flaws.

While some security software updates can take just minutes, others can take hours, involve reinstallation, and require the involvement of employees, and this can have operational implications. Employees are no longer in a confined, controllable space using only company-managed endpoints. Instead, a mixture of managed and unmanaged devices is now more commonplace, and while CISOs are under pressure to keep security update activity to a minimum, they are only too aware that they must balance this with the potential risk of a cyberattack and the growing vulnerability of unmanaged devices.

There is no doubt that virtual desktops, particularly those that are regularly updated with security patches, can strengthen systems against attacks on applications and data at a cloud level. Securing data input at the endpoint – even a virtual endpoint – however, carries the same risk that it always did.

New approach could solve the issue

It is possible that adopting a new security strategy and/or implementing just one type of security solution could be the answer to both problems – enabling CISOs to reduce disruptive updates and at the same time defend devices against attack.

Fundamentally, and against a backdrop of increasing cyberattacks, all organisations should be implementing zero trust. It may not be a popular approach with employees initially and requires considerable buy-in at every level from the C-suite down, but it is the most effective way to ensure that access is given only after the user or device is assessed and verified.

If zero trust is just a step too far, or while it is being established, CISOs should be looking for a security solution that enhances and supports their existing remote access infrastructure. This needs to protect against the most insidious cyber-attacks, such as kernel-level keylogging and screen grabbing, which are commonly deployed on unmanaged endpoint devices as a means for bad actors to gain entry to corporate networks.

This type of protection, which is as effective in defending virtual desktops as it is in combatting attacks on any physical device, will wrap data and applications securely, ensuring that they are containerised against malware, without any need to identify the malware itself. 

Combatting the complacency of employees when it comes to spending time on cyber-security practices means finding solutions that are easy to implement and deploy, and most importantly, which require a single download to the device they are using. CISOs or administrators should have visibility over who has already downloaded the solution and straightforward mechanisms to ensure non-users are directed to download it so they can gain access to their virtual desktop infrastructure. 

The net effect of this is that any device, whether it is outside the physical corporate perimeter, within it, or in transit, will continue to be protected. CISOs will also have the reassurance of knowing that they can achieve a more workable approach to keeping the company, and employees, secure, and can reduce the frequency of updates that threaten to impact operations, or which are meeting resistance from colleagues. 

Dave Waterson

Dave Waterson is CEO at security company SentryBay and an expert in endpoint and application security. His technical focus areas are anti-keylogging, anti-phishing, data security, secure browsing, IoT, mobile security, identity theft and cloud-based security. He was included amongst the top 10 tech thought leaders identified by A.T Kearney at the World Economic Forum in Davos and is a winner of the Great British Entrepreneur of the Year Award, for cyber security.
