7/27/2019 Dell Tackling Security and Compliance White Paper[1]

1/3

1

1 http://www.idtheftcenter.org/artman2/uploads/1/ITRC_Breach_Stats_Report_20101229.pdf

Todays tight regulations

Itsnotjustnancialinstitutionsthatarewrestlingwith

complianceissues.Publicsectororganizationslike

healthcare,education,andgovernmentocesare

challengedwitharaftoffederalregulations,includingthe

HealthInsuranceandPortabilityandAccountabilityAct

(HIPAA)andHealthInformationTechnologyforEconomic

andClinicalHealthAct(HITECH),theFederalInformation

SecurityManagementAct(FSMA),andtheFederal

EducationalRightsandPrivacyAct(FERPA).Individualstates

andindustriesmaysupplementtheseregulationswith

standardsoftheirown.

Internationally,companieshavetodealwithprivacy

regulationssetforthbymultinationalcoalitionslikethe

EuropeanUnionsDataProtectionDirective,andby

individualcountries,likeJapansPersonalInformation

ProtectionLaw.

Eachoftheseregulationshasitsownsetofstandardsand

requirements,butinjustaboutallcases,theyrevolvearound

protectingprivatecitizen,student,andpatientinformation

fromunauthorizedaccessandmalicioustheft.Regulatory

complianceiscomplicatedevenmorebythesheervolume

ofdigitalinformationthatmustbeprotected,thanksto

electronichealthrecordsandretentionrulesthatdemand

electronicinformationwhichincludese-mailmessages,IM

transcripts,faxes,documents,andimagesbearchivedfor

decadesorlonger.

Asidefromcompliance,majordatabreachesoftenbecome

publicinformationthatcanproveembarrassing,economicallydamaging,andlegallyproblematicforthetargeted

organizations.In2010,forexample,militaryandgovernment

agenciesmistakenlyexposedthepersonaldataofthousands

ofcitizensinatleast104incidents,upfrom90in2009,

accordingtoastudybytheIdentifyTheftResourceCenter. 1

Protectinginformationinthedatacenterhasits

challenges,butthechallengesmountwhenitcomesto

protectingend-userlaptopanddesktopPCs.Muchofan

organizationsmostcurrentinformationoftenresideson

thesedevices,whichnotonlysitoutsidethemoresecure

datacenter,buttravelacrossthecountryortheworld

withtheirmobileusers,alongwithUSBthumbdrives

andsmartphones.Portabledevicesarefrequentlylostor

stolen,andkeepingthemuptodatewithsecuritypatches

andupgradescanbedicultwhentheyrenotalways

connectedtothecorporatenetwork.Moves,adds,and

changescantakedaysorevenweeks,exposingsensitive

datatounauthorizedusebyinternalpersonnel,former

employees,ormaliciousthirdparties.

Manyoftodaysorganizationshavealargevarietyofuser

clientsystemsandmobiledevices,requiringITtomanage

andmaintainnumeroustypesofclientsystemimagesin

acompliantstate.ManyITorganizationsharnessvirtual

machinesandtoolssuchasSymantecGhosttomanage

imagecompliance,butthesetoolsincreasecomplexityand

administrativeoverhead.

Theresalsotheproblemofusererror.Carelessorpoorly

trainedemployeesmaydownloadquestionablelesand

applications,disablepasswords,lookforwaystogetaround

securitypolicies,andneglecttheirdatabackupallleading

tocompromiseddataprotection.

Advantages of desktop virtualization

Organizationslookingtoaddresscomplianceandsecurity

challengesshouldseriouslyconsiderdesktopvirtualization.Similartoservervirtualization,desktopvirtualizationabstracts

theuserdesktoporlaptopcomputingenvironment,

includingoperatingsystems,userpreferences,applications,

anddatastorage,fromthephysicaluserhardware.While

usersmaybeusingtheirlaptopsordesktopsforwork,the

Tackling Security and Compliancewith Desktop Virtualization

http://www.idtheftcenter.org/artman2/uploads/1/ITRC_Breach_Stats_Report_20101229.pdfhttp://www.idtheftcenter.org/artman2/uploads/1/ITRC_Breach_Stats_Report_20101229.pdf

7/27/2019 Dell Tackling Security and Compliance White Paper[1]

2/3

2

resourcesandapplicationstheyreusingcanbestored

securelyonacentralizedserverandaccessedovera

corporatenetworkortheInternet.

Howcanorganizationstakeadvantageofdesktop

virtualizationtosecureuserapplicationsanddata?

Virtualize desktops in the data center.Onceyouhost

youruserdesktopimagesinthedatacenter,youaddress

themostcommonproblemoflaptopanddatatheft.Since

thedesktopimageanddataarenotactuallystoredonthe

physicalPC,theftorlossdoesnotexposeapplications

anddatadirectlytothievesorotherunauthorized

users.ITcaneasilyblockdatacenteraccessfromthe

compromiseddevice.

Anotheradvantageinvolvesleveragingthesuperiorphysical

securityofthedatacenterandputtingvirtualdesktopswithin

mucheasierreachofIT.Administratorscanmanageaccess

andimplementmoves,adds,changes,patches,andupdates

onvirtualdesktopsmuchmoreeasilythanwhendevicesare

widelydispersed.

Centralizingvirtualdesktopsandlaptopsinthedatacenter

makesitmucheasiertoadoptotherbestpracticesforsecurity:

Create hardened templates.Itseasytoimplementand

maintainstandard,hardeneddesktopimagecongurations

acrossyourcentralizedvirtualsystemsusingimagetemplate

tools.Youcanevenlinkmasterimagestoindividually

customizeddesktopandlaptopimages,soyoucanpush

outnewsecuritypatchesandpolicychangeswithasimple

imagecongurationupdate.Inaddition,recentprovisioning

technologiesallowyoutocreatecatalogsofsystem

snapshotsthatcanbere-usedandreferencedincaseof

complianceandsecurityaudits.

Lock down or manage access to USB ports.Itseasierto

setandenforcepoliciesandsecuritymeasures,suchas

dataencryptionorlockingdownUSBports,acrossvirtual

systems.ThispolicypreventsusersfromcopyingdatatoUSBmemoryorotherportabledevices.

Prevent malicious downloads.ITcanmonitorsystem

changesmoreeasilyinthedatacenter,soifauserviolates

downloadpolicies,ITcanquicklyreverttheoendingvirtual

systembacktoitsprevious,securestate.

Back up virtual desktops.Ratherthandependingon

unreliableuserstobackupeachindividualclientdevice

whenandiftheyhavetime,ITcansimplybackupalltheserver-basedvirtualuserdesktopsatoncetoanetwork-

attachedorremotestoreandrecoverthemquicklywhen

necessary.Ifalaptopordesktopisdamagedorstolen,user

informationisstillaccessibleinthedatacenterandcanbe

assignedquicklytoanotherdesktoporlaptopdevice.

Update security software.Usersworkingontheroador

athomeontheirpersonaldevicesaremorelikelytopick

upviruses,worms,andothermalwarethanwhentheyare

workingattheoce.Whenyoustorevirtualizeddesktops

inthedatacenter,itseasiertoapplysecurityupdates

acrossvirtualsystemstopreventmalwareinfections.If

thereisaninfection,youcanrunsecurityscansandaddress

potentialproblemswithoutfearthataremotedevicemay

downloadmalwareandtheninfectyourenvironmentwhen

itreconnects.

Centralize Web and SaaS access.Becauseallusersare

accessingvirtualsystemsinthedatacenter,youcanenforce

asinglesecurepointofaccesstotheWebandsoftware-as-

a-serviceapplications.

Virtualize your contractors.Ifyouwanttoprotect

condentialdatawhenworkingwithcontractorsortemporary

employees,givethemasecurevirtualdesktopontheserver.

Theygettousetheirownhardwaredevices,andyougetto

enforcewhateversecuritymeasuresarenecessary,including

encrypting,locking,anddeletingsensitivedataorterminating

usersimmediatelywhennecessary.

Security and compliance with Dell virtualdesktop solutions

Whetheryourorganizationwantstopilotadesktop

virtualizationinitiativeortaketheplungeentirely,Dell

canprovidetherightsolutionforyourITenvironment.

Delloersacompletespectrumofvirtualdesktopservice

deliverymodels,includingsubscription-baseddesktop-

as-a-service,solutionshostedandmanagedbyDell,andsolutionsandservicestosupportcustomerswithbuilding

andmanaginganin-housesolution.Youcanalsotake

agradual,phasedapproachortransformyourdesktop

infrastructureallatonce.Dellsimpliestheprocessof

assessing,designing,implementing,andmaintaininga

solutionwithitsbestpracticesmethodologyarepeatable,

7/27/2019 Dell Tackling Security and Compliance White Paper[1]

3/3

3

consistentprocessthatconnectsyourbusinessneedsto

themostappropriatedeliveryscenarioprovidedbyDelland

tailorstheunderlyingtechnologyimplementationtomeshwithyourexistingsystems.

Dellconsultantswillhelpyouconfigureacomprehensive

virtualizationsolution,includingdesktopdevices,servers,

storage,andservices.Youcanalso,asmentioned,take

advantageofDellsvirtualDesktop-as-a-Service(vDaaS)

solution,whereDellimplementsandmanagesyour

virtualdesktopinfrastructurefromDellCloudanddelivers

anSLA-classexperiencetoensurehighavailabilityand

smoothoperations.

Dellstartswithanin-depthITassessmentofyour

virtualizationneeds,includingcosts,savings,andtotal

economicimpact,tohelpyoumakeaninformeddecision.

ItprovidesadigitalblueprintofyourITenvironmenttohelp

youchoosethebestvirtualizationoptionsandplanforthe

future.Then,Delldesignsacomprehensivesolutionthatmeetsyoursecurityandcompliancerequirementsand

budget,getsyouupandrunningquickly,andscalestomeet

futureITandorganizationalchallenges.

MeetingyourITsecurityandcomplianceneedscanseem

daunting,butinvestingindesktopvirtualizationcansolve

araftofsecurityandcomplianceissuesatonceandlower

riskdramatically.

Contact your Dell representative or visit

www.dell.com/virtualdesktopto learn more

about Dell Desktop Virtualization solutions.

Copyright 2011 Zif Davis Enterprise

http://www.dell.com/virtualdesktophttp://www.dell.com/virtualdesktop