The Cloud Experience Everywhere
ServicesExperts

GUIDE VDI Solutions vs Ransomware: Who comes out the Winner?

In 2016, spam and phishing emails remained the leading cause of ransomware infection (a staggering 46 percent of reported incidents). With human error still responsible for the majority of security threats, anti-malware software alone can’t prevent hackers from encrypting and ransoming business-critical files.

So, what is the answer to this growing problem?

Virtual Desktop Infrastructure (VDI) is one potential solution. While there are both advantages and disadvantages to using virtual desktops, a well-architected VDI solution can limit the effect of ransomware attacks.

statistic_id700965_leading-cause-of-ransomware-infection-2016

How VDI Solutions Negotiate the Ransomware Hijack

With 93 percent of phishing emails containing ransomware links, the chances of end-users introducing malicious code into your system remain high, so you need desktops that are up to the challenge. Although VDI wasn’t designed as an out-of-the-box solution to ransomware attacks, the nature of the infrastructure makes it less susceptible to lasting damage.

Unlike traditional desktops, non-persistent desktops such as those used in pooled VDI networks return to a pristine state at the end of each user session. Not only can this help you avoid version or configuration drift (as software updates and patches are only made to one centralised image), it can also minimise the ransomware threat.

When your users log in to work the next day, their desktop will reset to this golden image and your anti-malware systems will remove the ransomware from the OS.

Of course, there is an obvious catch to this process.

Be Proactive, Not Reactive

With the death of the ransomware comes the death of user data. This is where real-time backups become crucial. If you fall victim to a ransomware attack and haven’t backed up your data, you won’t be able to decrypt it once the ransomware is removed from your system. Because of this, you shouldn’t view VDI solutions as a quick fix for ransomware issues.

Instead, follow best practice guidelines to keep your data safe:

  • Limit user access to data – If certain files aren’t crucial to your employees’ job, don’t grant them privileged access. Ransomware can’t infect data your users can’t obtain.
  • Secure your datacentre – Some ransomware targets the mapped network drives found on user desktops. To prevent this travelling back to your datacentre, make sure you set up internal firewalls to vet incoming data. Create air gaps between storage and backups to reduce the spread of ransomware.
  • Continuously backup all user files – As I’ve already mentioned, this is the easiest way to restore data after you’ve removed the malicious code. If you don’t have the capacity for this on-premise, consider storing backups in the cloud.

For further guidance, check out our infographic on protecting users from ransomware attacks.

VDI Solutions as Part of a Bigger Security Picture

While VDI isn’t 100 percent ransomware-proof, it does hold many advantages over the traditional PC. For organisations with thousands or even ten of thousands of employees, VDI solutions can help you manage and maintain all your desktops from one place.

In doing so, your IT team can monitor potential security threats and implement patches across your entire network more efficiently.

Take a look at some of the work we’ve done on cloud workspaces to discover whether they’re the right fit for your business.

 
 
0 Kudos
About the Author

ServicesExperts

HPE Pointnext Services experts share their insights on the topics and technologies that matter most for your business.