Cloud Desktops Support the Shift to Zero Trust Security
It’s time for organizations of all sizes to rethink their approach to information security. Cybercrime – especially ransomware – is the
fastest growing crime in the U.S., and the attacks are increasing in number,
scope, and sophistication.
Cloud Desktop Security: Guilty Until Proven Innocent
Today, as people use a variety of devices in many different settings, the attack surface is vast, making the case for adopting a Zero Trust Security model. This means that no one is trusted, either inside or outside the organization. To support Zero Trust, CIOs and CISOs should ask vendors the following questions about cloud desktop security:
- How does your cloud desktop architecture impact information security?
- Where does my data live? Who can see it? How is it protected?
- Where is my Active Directory running?
- What systems are shared between customers?
Unlike many virtual desktop solutions, Workspot’s approach to cloud desktop security strengthens your Zero Trust Security model.
Workspot’s innovative architecture separates the control and data plane so the customer’s tenant is completely isolated.
Control/Data Plane Separation is Essential for Cloud Desktop Security
Architecture matters for cloud desktop security. Workspot is the only solution available today that separates the control and data planes. Other cloud desktop solutions have integrated control and data planes. By definition, when the data and cloud desktop management planes are combined, customer data and authentication systems traverse the same system. Even the vendor could potentially see your data, and that breaks your Zero Trust Security policy.
Whenever you need to secure data or intellectual property, you should be using multi-factor authentication (MFA). Workspot was built for the enterprise and the platform integrates with your chosen authentication systems. Most of our customers use Azure AD, Azure MFA, Okta, Duo and/or PingID. Workspot supports them all!
Workspot supports your existing MFA solution.
Workspot’s Network Operations Center (NOC) provides deep visibility into real-time events.
Big Data Visibility
Your IT organization must be able monitor your global cloud desktop infrastructure. Workspot is the only cloud desktop platform that gives you the power to view and manage your entire cloud desktop infrastructure from a single console. The Workspot platform is deeply instrumented, providing a real-time events stream that captures user login attempts and location, as well as the gateways they traverse. API’s also allow you to export this data to other analysis tools like Splunk.
Executive Brief: Workspot Cloud Desktop Security
Download the brief for more details about how to achieve
the most robust cloud desktop security.
A combined data and management plane (left) jeopardizes your security posture. Workspot innovation separated the management and data planes for Zero Trust security.
POLP: Principle of Least Privilege
In addition to the architecture decisions we made, Workspot follows the Principle of Least Privilege (POLP), closely tied to Zero Trust Security policy, for enhanced cloud desktop security. POLP allows for people and processes to only have the bare minimum system access to complete a task. That means that everyone, including the cloud desktop vendors you’re considering, needs to prove how they make your organization more secure. With Workspot, you can count on the following:
- Workspot’s architecture uses an independent security layer to prevent unauthorized access to your data.
- All customers are isolated. If there’s an attack, it is localized to a single tenant.
- Active Directory is fully under your control. Workspot doesn’t have any access to it for security reasons.
- Bring your existing corporate standard AV, AM, DLP and MFA into Azure – no need to create a separate security process.