Remote work over VPN is fraught with security issues. Is a browser-based cloud desktop the answer?

Virtual Desktop Security

The 2020 Pandemic has caused permanent disruption to business and critical user workflows. Most universities felt pain points during the pandemic in an effort to maintain productivity. In the post-pandemic world, most universities and staff expect remote work environments.

However, daily ransomware attacks are a reminder that while maintaining user productivity is important – ensuring security is paramount. Colonial’s pipeline’s CEO told congress that the attack occurred using a legacy Virtual Private Network (VPN) system that did not have multifactor (MFA) authentication in place. As hackers become more sophisticated and have increasing access to advanced computers, brute force attacks are becoming common, driving the higher education community to take an active approach addressing ransomware and denial-of-service attacks.

Is a reliable, consistent, and secure cloud solution out there? And if so, is the product cost within the realm of reason? Do we dare consider this possible when many virtual desktop solutions bring more complications than solutions? Most enterprise desktop and application environments are expensive to purchase and maintain, on-prem hardware management and eventual replacement, over-complicated products, and often poor support.

Common Issues Implementing a Successful Remote Work Environment

2020’s pandemic changed the rules for technology; we are now faced with providing on-prem and remote work capabilities. Many CIOs who have faced the challenges of implementing and maintaining a traditional VDI may cringe at the idea of implementing one for remote work. Let’s take a look at how Apporto is different from traditional VDI:

 

Traditional Approaches vs. Apporto’s Cloud Native Solution

Challenge

Common Approach

Apporto’s Modern Solution

Remote access

VPN required

VPN clients required

Firewall and policies required

No VPN required

No client required

IPSec tunnel flexibility for connections to on-prem/ hybrid resources

User desktops and apps

VDI (expensive and complex)
Cloud desktops often added cost

On-prem/hybrid connections require separate access methods, complex to manage and maintain

Cloud desktops are accessed through browser, no need to manage any hardware

Apporto updates OS images and app updates by request, you can offload these tasks to our support team

Hardware

Must be purchased and maintained

No hardware to purchase or maintain

Hybrid solution available to re-use existing hardware clientless with our product

VDI complexity

Multiple images required with permanent storage costs

Ongoing maintenance and updates are required

One image for each OS

Containerized options to save costs (including SQL)

Apporto handles all typical OS image updates, and by request will update any of your apps

Disaster recovery

Typically does not exist for most enterprise environments

Complex to manage and maintain multiple environments (prod/test/dev)

Simple, cost-effective DR is built into the solution.

Customers use our cloud solution for both prod and dev/test environments

Simple and effective to maintain separate prod/test/dev environments

Security

Virtual desktop security is only as good as the underlying configuration, e.g. existing Active Directory configurations often do not reflect a least privileged or zero-trust access

Clients are required, which carry vulnerability of gaining privileged access, potentially allowing remote code execution for gaining access

We adhere to zero-trust policy-based security

Apporto is clientless, we rely on the trusted security of highest levels of HTTPS encryption available today

Apporto works with your existing MFA without additional configuration required by integrating our instance with your SSO Identity Provider

Apporto uses dedicated cloud networks with AWS and Azure which dramatically decreases risk of successful DDoS and ransomware attacks into your infrastructure

Support

Often requires additional purchase for substandard service

Not possible to offload support to vendor

Our support is included

Dedicated 24X7 support team standing by for admin and/or user assistance

Ability to offload some help desk tasks to Apporto

Apporto provides CSM at no additional cost, primary technical contact (e.g. image updates, app additions, analytics)

Least privileged access

Managing all the images required for various users/groups is unwieldy

Apporto enables an admin to create one image and then create desktop variants – those deliver a simple app (no OS access) or a desktop with the minimal set of applications needed by this user

Industry expertise

Virtualization vendors historically focus on healthcare, finance, and large enterprise accounts

Faculty training not available

Administrator training only available through expensive professional services contracts

Apporto’s focus is Higher Education, we understand the classroom environment and challenges that come with it, we install and daily manage GPU-intensive applications common to STEM courses

Apporto offers Faculty Training, Administrator Training included in the service, every college and school district has access to this service no matter your size

 

Take the next step toward securing and modernizing your institution’s remote work solution and try our online demo. You’ll get immediate access to our live demo, try it out and see for yourself!