Business changes so fast these days that organizations need to be ready for anything. Whether it’s hiring new employees, acquiring another company or bringing on contingent workers, IT teams need to get new people productive now, while avoiding the cost and complexity of dealing with additional infrastructure. Cloud PCs for contractors can do exactly that. I recently spoke with an IT leader (who happens to be an expert with legacy VDI) in a fast-growing pharmaceutical company. For this company, as they hire new employees, the number of contract workers tends to grow too. Like any good IT leader, this one is questioning everything as the organization seeks the best way to support this pace of change.
“Scale as We Grow” Cloud PCs for Contractors
The business expects its employee ranks alone to more than double in the coming year. As the number of employees grows, more contract workers are often needed as well to work alongside employees in support of various projects, across departments. The immediate use case is to find a good way to quickly onboard this contingent workforce in a way that is cost-effective and keeps corporate data and IP secure, while also avoiding adding more IT infrastructure to manage. Traditional VDI and physical PCs just can’t support the “scale-as-we-grow” vision of the IT team, but cloud PCs for contractors can. They are turning to a cloud-based solution because they realize the complexity and management overhead of VDI will inhibit business agility. Looking forward, they also want to support BYOD for work-anywhere productivity and thin clients in their office locations to simplify IT operations even more.
As is the case for most companies, data security is top of mind. For pharmaceutical and other life sciences organizations, the consequences of IP theft can be existential. To address this head-on, the team has specific requirements for data security, including:
- Multi-factor authentication
- Print screen function must be disabled
- Support secure use of thin clients and BYOD
Fortunately, Workspot’s architecture was built from the ground up to be a highly secure cloud PC service. There are three major elements to the solution that are inherently secure:
Workspot Client is a secure container that lives on the user’s device. It’s the workspace that allows secure access to corporate apps and data, depending on what security policies apply. Whether the device itself is fully managed by IT or an unmanaged, user-owned device, Workspot Client provides a secure area where users perform work without interfering with apps and data outside the workspace.
Workspot Control is in charge of setting up and provisioning all resources and establishing secure communication with end-user devices; Control pushes the appropriate security policies IT has defined to Workspot Client on each user device. Once a user is authenticated, they access the appropriate apps and data directly from Microsoft Azure. Because we separated the control plane from the data plane, no business apps or data ever enters Workspot Control – this information flows back and forth directly between the client and the business applications via the data plane. This is essential for a modern security posture.
Microsoft Azure offers Azure Security Center (ASC), a unified infrastructure security management system to monitor all activities on Azure. Most CIOs today believe that Microsoft can do a better job of securing their corporate apps and data in Azure than an in-house team can do in an on-premises data center. There’s good reason for this. Pharmaceutical companies are a primary target for phishing attacks and other cyber crimes because the value of the IP is so high. Chances are you simply don’t have enough in-house resources, with the right skill sets, to continually monitor and fight back against the growing sophistication and sheer numbers of these attacks. Workspot uses ASC features to monitor and obtain deep visibility into all your Workspot cloud PCs running in Azure.
When users are connecting to their Windows 10 desktops or GPU workstations in Azure, Microsoft Multi-factor Authentication (MFA) and Single Sign-On (SSO) are integrated into the Workspot Client, providing the additional level of security that the IT team requires and the simplicity of access that users love. The IT team can also push Workspot security policies down to Workspot Client, allowing users to print, cut, paste, copy, save local files, or in some situations (based on device type, location, etc.) forbid any or all of the above actions.
Solve Performance Issues
Users in the European offices who are connecting back to the U.S. data center using legacy VDI are complaining about connection times. Unfortunately, these kinds of performance issues impact productivity and frustrate users. Solving for just this use case alone can make a huge difference in productivity, so it’s the perfect opportunity to transition on-premises virtual desktops and even physical PCs over to cloud PCs on Azure. By placing cloud PCs in the Azure region closest to them, these users will likely see less than 25ms response times; it’s so fast, that physical PC users might just be envious! Looking forward, instead of giving out laptops, this IT team is considering making more use of thin clients, especially for new employees who work in existing offices. Extending cloud PCs to these users makes perfect sense, because not only are cloud PCs less expensive to procure and manage, they often deliver better performance than a physical PC (forget about VDI!).
Do some of these challenges sound familiar? If so, let’s talk. Cloud PCs for contractors, contingent workers, and remote employees bring new levels of business agility that can drive growth in your organization too. Just schedule a demo and we can explore your unique situation.