InfoSec-Specific Executive Development for
CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive
labs to build you and your team's InfoSec skills
For most organizations, virtual private network (VPN) access will continue to be a sound, reliable remote access strategy. Virtual desktop infrastructure (VDI) can be expensive, but may offer more granular security controls and restrictions, while keeping
all content in the core data center. Depending on the use cases, both are viable remote access options. In this piece, we explain the tradeoffs with each technology for organizations evaluating options and offer tips for implementing a secure remote
Remote access security considerations your company should keep in mind when evaluating VDI vs. VPN:
While every organization is different, here are a few guidelines when valuating VPN vs. VDI for remote access.
Consider VPNs unless bandwidth and performance issues crop up: If existing VPN access is functional and reasonably well locked down, VPNs are a sustainable method of enabling remote access as long as excess congestion (bandwidth and concentrator overload)
Consider VDI, if cost isn’t an issue: If the existing infrastructure is in place and license costs are not an issue, VDI offers more flexible remote access options in terms of desktop control, access controls and maintenance of applications locally
in the data center.
Consider using a VDI with a wide range of security and performance features. Key features to consider are PCoIP protocols that be configured to manage bandwidth and streaming, along with restrictions on endpoint clients accessing and using virtual desktop
Pooled vs. dedicated VMs: For most users and scenarios, a pool of VMs will be a sensible option. Dedicated VMs are preferable for more privileged users and data.
Use of MFA: Consider using it with all users where possible (for VPN and VDI).
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.
September 29, 2022
By IANS Faculty
Understand the integration points between information security and enterprise architecture. Find guidance for functional organizational constructs to maintain a solid EA practice.
September 27, 2022
By IANS Research
Learn how to ensure full cyber insurance policy coverage and find 5 tips to help maximize your potential cyber insurance claims.
September 22, 2022
Find information on cyber insurance coverage types along with best practices to choose a cyber insurance carrier and policy for optimal security coverage.