As you know, the fable about the cobblers children is that the cobbler spent so much time repairing his customers’ shoes that he didn’t have time, or the inclination to provide them to his own children. So goes the Oak Ridge National Laboratory in Tennessee.
This federal facility, tasked with teaching other federal locations how to avoid being hacked, was…. you guess it, hacked. You can read about it here. Ignoring just how much public money is spent on our federal security façade, it lends a thought to securing your own network. There are many ways to protect your users from cyber attacks – anti-virus applications, anti spam programs, gateway security appliances, ongoing education about what not to click, why not to plug you USB stick into your office computer and so on.
But the real trick is layered security, a mix of all the above methods layered in such a way to create an electronic maze. A maze is usually described as a physical location that has passages leading to many dead ends, with only one passage leading to the exit on the other side. The plan is to navigate the maze so you find the one route to the exit without traveling a passage leading to a dead-end. The best example I can think of is the one at Hampton Court in England.
And like a maze, layering a variety of anti-malware dead-ends that a virus, Trojans, spam or other malware has to navigate is the best method to stop the end-user, and your company from having its data stolen. And if you think it won’t happen to you, look at the current story about Sony being hacked and having 70 million IDs stolen.
It can, and it likely will.
So how does VDI help? It’s easy. The Oak Ridge National Laboratory has many, many computers. And it only took one for the infection to take hold, which it did as that particular computer wasn’t quite up to date so the malware’s blind attempt to infect the PC worked. With VDI, a single image is carefully built, scanned, updated and made as anti-malware as possible and rolled out to all the users automatically. A thousand or more PCs is easy. And updates are easily applied to all users with a click of a button, not a thousand clicks and many, many desktop visits. No longer does IT have to update a thousand PCs, which is almost an impossible task but only one.
You want to stop malware in its tracks, think VDI.
