InfoSec-Specific Executive Development for CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive labs to build you and your team's InfoSec skills
For most organizations, virtual private network (VPN) access will continue to be a sound, reliable remote access strategy. Virtual desktop infrastructure (VDI) can be expensive, but may offer more granular security controls and restrictions, while keeping
all content in the core data center. Depending on the use cases, both are viable remote access options. In this piece, we explain the tradeoffs with each technology for organizations evaluating options and offer tips for implementing a secure remote
Remote access security considerations your company should keep in mind when evaluating VDI vs. VPN:
While every organization is different, here are a few guidelines when valuating VPN vs. VDI for remote access.
Consider VPNs unless bandwidth and performance issues crop up: If existing VPN access is functional and reasonably well locked down, VPNs are a sustainable method of enabling remote access as long as excess congestion (bandwidth and concentrator overload)
Consider VDI, if cost isn’t an issue: If the existing infrastructure is in place and license costs are not an issue, VDI offers more flexible remote access options in terms of desktop control, access controls and maintenance of applications locally
in the data center.
Consider using a VDI with a wide range of security and performance features. Key features to consider are PCoIP protocols that be configured to manage bandwidth and streaming, along with restrictions on endpoint clients accessing and using virtual desktop
Pooled vs. dedicated VMs: For most users and scenarios, a pool of VMs will be a sensible option. Dedicated VMs are preferable for more privileged users and data.
Use of MFA: Consider using it with all users where possible (for VPN and VDI).
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.
October 19, 2021
By IANS Faculty
Continuous compliance requires continuous monitoring and validation of controls in the environment, as well as integration with governance, risk management and compliance tools and platforms. Understand the processes, tools, stakeholders and focus required for a best practice continuous compliance program.
October 14, 2021
Learn how the DDoS threat is evolving and get a step-by-step playbook to ensure your organization is protected against DDoS attacks and has a response plan in place.
October 12, 2021
Uncertain how to secure your M365 environment? Our Faculty identify and explain the five primary areas of M365 that will provide the best security return-on-investment with the least user experience impacts.