May 22, 2012 - Today’s mobile device users are demanding to access data from anywhere at any time. In fact, according to an annual ISACA survey on BYOD security, the use of mobile applications has nearly tripled since last year’s survey, and two-thirds of employees aged 18 to 34 have a personal device they use for work purposes.
Meanwhile, businesses are trying to reduce costs and simplify desktop management. Virtualized desktop infrastructure (VDI) allows users to access applications and data securely from remote locations with minimal risk of data loss, while simplifying desktop management within the traditional boundaries of the enterprise.
To help enterprises realize the benefits of VDI adoption and understand the security concerns associated with it, global nonprofit IT association ISACA has issued a white paper titled Virtualized Desktop Infrastructure (VDI), available as a free download. The paper spells out how to develop strategies to mitigate VDI threats and names enablers that can help with its adoption.
“A new, virtual way of working is shaping the world and affecting IT environments,” said Nikolaos Zacharopoulos, CISA, CISSP, IT auditor for Geniki Bank, Greece, and chair of ISACA’s project development team for the white paper. “VDI can help increase productivity and reduce costs, but enterprises need to carefully consider the risk involved with it and plan accordingly. This white paper is a road map for that.”
As end users increasingly need to access enterprise data from mobile devices and various workstations, the likelihood of a security breach if a device is lost or stolen is also increased. VDI offers a cost-efficient method to prevent lost or stolen data by storing data on a centralized server rather than the device itself. In addition to cost reduction, the business benefits identified in the white paper include:
- Increased security
- Enhanced compliance capabilities
- Efficient deployment
- Simplified administration
- Extended life of desktops
- Consolidated backup and data protection
“There is no doubt that VDI can help IT maintain security and data protection, as well as speed the resolution of problems and improve manageability and control,” said Zacharopoulos, “but all of the pieces need to be in place, as the white paper explains, including determining where the responsibility for virtualization architecture and management will reside.”
The white paper also states that governance and management of enterprise IT (GEIT) need to be part of the plan when adopting VDI. ISACA’s COBIT 5 assists with this by providing an end-to-end business view of GEIT, helping create value and reduce risk. The COBIT 5 framework is available from ISACA as a free download at www.isaca.org/cobit.
ISACA’s Virtual Desktop Infrastructure (VDI) white paper is available as a free download at www.isaca.org/vdi.