There are a multitude of reasons why the adoption of virtual desktop infrastructure (VDI) has increased within the healthcare sector. Obtaining greater efficiencies and cost savings through quicker provisioning and reduction of desktop management support are just a few, but having a more secure environment is perhaps the most important reason for healthcare VDI adoption.
With VDI, the average environment contains a desktop image where user data is saved in an on-premises data center rather than on an end-user’s device. As Spencer Hamons, CHCIO, FACHE, NetApp healthcare told us in a recent interview, “It is much easier to secure data in an enterprise data-store with consistent backups, monitoring, and automation than on hundreds or thousands of individual desktops, laptops, and even mobile devices scattered around an organization, in people’s cars, and in their homes. From a security perspective, you are reducing the number of threat vectors that hackers can potentially exploit, allowing more focus on those potential access points, and more effective security.”
Healthcare data is considered to be a high-value target for cyber criminals, with the number of ransomware attacks on healthcare organizations reaching an all-time high this year. “The security enhancements that virtual desktops bring should motivate organizations that have traditionally dismissed the technology to at least reconsider the viability of such a solution,” Hamons said.
Ransomware and the different variants of Crypto Lockers are especially dangerous as they continue to hit healthcare organizations worldwide. Hamons pointed out, “This type of malware encrypts files both on local computers and on mounted network drives. In a traditional desktop environment, every desktop is an entry point that can be exploited. Some desktops may be patched and protected against a particular variant of a malware attack, but human factors – some as simple as a user’s failure to restart their computer – can leave a desktop system vulnerable, even if it has been patched. While VDI doesn’t completely eliminate the potential for security attacks, the architecture and central controllability of VDI environments does reduce the number of attack paths available.”
Another security advantage with VDI is that it allows users to back-up data frequently without taking up additional storage space using tools like NetApp’s Snapshots and Snapvault. Hamons added, “Imagine how different the recoverability options are for IT departments, even when an organization does get hit with a malware attack. With Snapshots and Snapvault, a user’s data, desktop configurations, and operating systems have been protected and backed-up multiple times per day, even multiple times per hour. Being able to revert to unaffected data that is 10 or 15 minutes old within minutes of being attacked provides options that simply aren’t available in traditional desktop oriented environments.”
Finally, VDI cannot be fully realized unless all areas of the organization work together to create a vision that incorporates all, or at least most, of the features that VDI can offer. Hamons concluded, “This requires the expertise of the desktop team as well as storage administrators to help assure that the deployment takes advantage of compression, deduplication, and compaction to the fullest extent possible. Members from the security team can help develop transparent security protocols that still allow end-users access to data, but provide added security through the use of VDI’s capabilities. This is why Chief Information Security Officers (CISO) at healthcare organizations are beginning to drive VDI discussions, many times in organizations where VDI initiatives have faltered over the years.”
Find out more about NetApp’s VDI here.