This presentation was originally delivered during the IoT Integrator Summit on Securing Edge Computing, which took place from July 14-16, 2020. You can view the full event summary and as well as access additional sessions from the IoT Integrator Summit here.
In this session recording, you will learn how enterprises are struggling with the “new normal,” related to COVID-19 and enabling remote work. Providing advanced security for remote VDI solutions can provide breakthroughs for power users and those employees who must work with sensitive information. This talk addresses the context and approach for enterprises enabling remote workers via VDI.
Watch the video or peruse the notes from the session below.
Enterprise adaptations and security investment
Enterprises are rapidly changing their priorities as they adapt to COVID-19:
- Digitalization and robustness are becoming key for supply chain functions.
- Automation has become more important than ever to compensate for missing manual labor.
- Companies are beginning to invest more in their security infrastructure.
These are only some of the examples of ways that companies are adapting to the new reality of remote work. One of the most important of these priority changes is the investment in infrastructure.
Companies need to think about enabling access to a secure corporate application through any untrusted device without introducing risk. What you really need in your infrastructure is flexibility. Once you deploy remote access equipment, extend the corporate network and provide VPN’s, you should plan for what may change.
The biggest challenges in remote IoT work comes from machine operators and extreme workers. Machines have to be completely air-gapped and have an authorized user base to maintain security.
It can be difficult to even access the industrial software from outside the network because it is only available through legacy or unsupported platforms that a simple desktop can’t open. When it comes to extreme workers, they are handling extremely sensitive information and data that can’t be handled through a home network.
Looking for content from other IoT Integrator Summit Sessions?
Remote IoT work and VDI solutions
Virtual Desktop Infrastructure (VDI) is a software technology that runs a desktop inside of a virtual machine on a server. VDI has many incredible uses and benefits. For example, using VDI you could take a complex simulation that you need to run across hundreds of servers and display those to a user remotely without transmitting data from the simulation itself.
You can also build a solution through a VDI in which you would have just as much control over the simulation as you would in the office. VDI is also a way to cap the amount of bandwidth you use for words, pictures, and videos. When you combine these uses with enhanced security options you get a great solution to remote work.
There are a few ways to enhance security when using a VDI solution:
- Secure VPN connection that obscures the device
- Completely encrypted tunnels for the end-device
- Secure and encrypted wifi connection
- Use data stored only on the server
- Server-stored data should only go to the VDI
Using a VDI is a great way for power workers, machine operators and extreme workers to continue doing their jobs remotely.
Q & A from listeners
Here are some questions submitted by listeners.
How complicated is it for organizations that are already doing remote work to deploy VDI?
You can actually use cloud-based desktops for the appropriate user base. With provisional ability, we can set up the VDI server hosts. There have been some customers who needed a VDI solution, and fast, and through cloud-based desktops this can be done easily.
How well can this be deployed in an IoT or OT use case?
One of the biggest problems that industrial customers face is that they deploy Human Machine Interfaces (HMIs). HMIs complete a variety of tasks, including batch analytics and data collection. These devices are often old and require network address translation which means that are not easily patched.
Unfortunately, those air-gaps prevent means of accessing these kinds of systems. The software that runs on them is highly vulnerable and cannot be exposed to the internet which makes it difficult to deploy VDI. It really depends on the current software that is deployed on the machinery.
How granular can you get with setting user roles and permissions for VDIs?
VDI is interoperable with other applications. If you are using software to set user roles and permissions they typically work with VDI and can be applied easily. You can even set multi-administrative roles and authorization levels.
Read the Complete IoT Security Guide
Everything you need to know about securing your IoT or IIoT deployment.
Lin Nease is an HPE Fellow and Chief Technologist for HPE Pointnext’s IoT activities. In this role, He is responsible for setting strategy, building a technology plan, and driving innovation with key enterprise customers/partners of HP. Additionally, he provides IoT consulting directly with HPE’s enterprise customers. Lin also helped establish HPE’s EdgeLine business, and HPE’s membership in organizations like the Industrial Internet Consortium.
In his 25+ years with HPE, he has been a Chief Technologist and Director of strategy for multiple business units, including HP’s Business Critical Servers and Networking businesses, has been a Chief Technologist and General Manager for multiple global accounts (GE, UPS), driven multiple M&A activities and cross-business initiatives, led numerous successful commercial products, including the industry’s first blade solution and HP’s long-lived Superdome platform, and holds several patents in software-defined networking.
For more than 75 years, our success has exemplified through our employees’ drive to advance ideas that bring meaningful innovations to life for our customers and partners around the globe. We are guided by our mission to help customers use technology to turn ideas into value, and empower them to transform industries, markets and lives. We simplify Hybrid IT, power the Intelligent Edge and provide the expertise to make it all happen.