Remote Access – Where Security meets Productivity, and they all lived happily after!

As we wade into Day 2 of VMworld 2014, the conversation will likely leave Software Defined Data Centers and move onto the more exciting (for us at least) conversation regarding securing remote clients in a highly distributed and unpredictable work environment.

If you’ve been following Moka5 at all, you know we’re proponents of the idea of taking the critical Enterprise Client technologies – mobility, virtualization, data/file sharing, and endpoint management /security and lumping them all together as Enterprise Client Computing. We know several of the analyst firms (sorry – can’t name names yet – well we can name one – Brian Madden @ www.brianmadden.com because he’s already gone public with it) are moving in this direction, and moreover IT professionals are demanding it to help them simplify their buying criteria. Questions abode during this process: Which technologies do I need to buy fresh? Which do I already have? And, are there best practices for policy creation, end-user adoption, and infrastructure integration? IT must also seek guidance on complete strategies for outfitting their users based on how they actually work.

This is far from an easy task as you begin to dig into each section – what do we mean when we discuss mobility ? How is “mobile devices” defined? Mobile PCs/MACs? Both? Is it best to use a mobile device management solutions for your devices – but then what do you use for PCs? You’re likely already using a legacy endpoint management system to manage the host, but that’s not really suitable for separating or managing the underlying corporate data, and let’s face it the existing endpoint management systems really aren’t doing all that well managing devices. Wouldn’t it make more sense to have a common platform to manage them both?

Remote access is probably the biggest issue out there affecting Enterprise Client Computing – how do you safely and securely access highly sensitive data when you need to compute on the public network? Moreover, in many cases it’s not even clear who actually owns the machine that’s being used at any given point in time - is it a corporate machine? A personally owned one? Should it matter?

Some of the available solutions that get voiced at this point in the conversation tend to revolve around VDI, as in: “You don’t have to worry about your desktop, simply run a VDI image on your computer and you can store all your data back in the data center and still access it from virtually any computer. Now it is VMWare’s party so we do want to keep things polite; but simply put once you add mobility to the mix, VDI changes from Virtual Desktop Infrastructure to Very Dumb Idea. This is largely because in order to work – i.e. get your image out of the data center and onto your computer – requires a very fat, very fast pipe to deliver all that information to you. Now show of hands – how many of us have gotten to our hotel room/airline lounge/bus terminal/Starbucks Office – all advertising WiFi availability but when you try to access your Google Homepage you realize that the network is as slow as the tortoise that supposedly beat that hare.

The bottom line is most public network access runs extremely slow for simple content browsing let alone for bringing down a full virtual image. Even if it succeeds in delivering the actual desktop, using that desktop will be a simple exercise in futility as the processing occurs back at the data center and sends the results back over the wire – exactly how you want to be working on a complex Powerpoint deck or that huge forecasting spreadsheet with all the pivot tables? Death by mosquito bites would be vastly preferable!

Another consideration is how do you secure and encrypt your web browsing sessions over the public network that your road warriors are forced to use in a VDI infrastructure? Well –you can’t. All that traffic going back and forth to your critical public cloud applications from your VDI image is largely open to anyone who can crack your network stream – the same as if you’re running a local browser session. (Salesforce.com data anyone? A little NetSuite or SAP on the side? How about SuccessFactors, while we’re at it?) This does not even begin to consider the effect of screen grabs, key stroke loggers, and other kinds of malware inherent on public networks that help collect little things like passwords and access codes. All easily cracked in a VDI environment as demonstrated by our own John Whaley at Briforum in Boston this past August. tThe bottom line is that once you take VDI out of the office and out on the road, its warts appear and the revolt from your dissatisfied end-users begins.

FInally, using VDI does not in anyway reduce the requirement to manage the physical devices. Considering that complexity reduction has been one of the prime selling points for VDI adoption, the fact that you still need to update, secure, and manage your hosts with the same legacy tools you’ve used before but now with the added burden of having to manage, maintain, and secure your virtual images as well! Not exactly a simplification or a reduction!

Moka5 actually brings a simple solution to the problem, but does require a slight change in the way you think about things. Moka5 uses containers in much the same way that some MDM companies use containers on your SmartPhones to store, isolate, and protect sensitive corporate information for BYOD phones/tablets, only we use them on your mobile PCs and Macs too. In fact, we were the creator of the secure centrally managed distributed client side container to effectively house and secure your entire corporate image. The difference is rather than run your image over a network, we run it locally in the container so the response is exactly as if you were running everything locally – no waiting means no frustration. Moreover, because everything runs in the container your browser and its traffic are fully encrypted as they access your sensitive cloud applications from Starbucks, hotel lobbies, and other non-secured networks. And, unlike MDM and legacy endpoint systems management, Moka5 enables you to manage just your users and their data, instead of worrying about their devices. We call this data and user centric management and by our way of thinking, it’s the most efficient and effective way to manage your Enterprise Client Computing Systems - PCs, MACs, Tablets, and phones, all from the same console, using the same client interaction model, and the client policy enforcement models that are appropriate for each endpoint class but from the same console.

So as you weigh the nearly impossible tasks awaiting you on a daily basis, think about Moka5. We do what you need most to support the reality of today’s Enterprise client computing – preserving your data’s security, while providing remote workers the secure access they need all in an easy to use, high performance local container that never sacrifices performance for security – because unlike VDI and other legacy endpoint systems, it doesn’t have to.

• Simplicity – Containers for easy management and data security, local execution for consistent performance
• Security – Full container and bandwidth encryption, ensuring secure access for corporate data regardless of location or network type
• Productivity – Users can self–provision, self-regenerate, and work in their containers regardless of network status or bandwidth

Give us a call and let us talk to you about how we can help you relax at the office – like the server slackers do – and still come out on top!

For more security related information on Moka5, please visit our Datasheets section.

Comments are closed.