The Zero Trust Series: VDI Environments and Security Risks

Organizations have gravitated toward virtual desktop infrastructure (VDI) solutions like VMWare and Citrix to operate following a shift in workforce demands. For various reasons, they’ve become a permanent fixture of enterprise IT strategies. VDIs help companies reduce costs and infrastructure while maintaining flexibility and access to important features. They also help combat security vulnerabilities and IT labor costs by simplifying IT management and enhancing employees’ experiences. 

From a security standpoint, virtual desktops are a definite upgrade compared to physical desktops and a significant step toward embracing a Zero Trust Network Architecture (ZTNA). However, despite improving security, employing VDI solutions aren’t a quick fix to avoid data breaches and cyberattacks.  

In part three of our Zero Trust blog series, we’ll talk about who utilizes VDI solutions and the security risks associated with using them. Let’s dive in.


Who Uses VDI Solutions?

VDI integrates well with any company employing a hybrid workforce, remote employees, contractors, task workers, medical professionals, and teachers. Its versatility gives employees access to their office on-demand and fits right into digital workflows without skipping a beat. In order to meet security and remote workforce demands, VDI solutions are commonly deployed by organizations operating in: 

Highly Regulated Industries: Legal or healthcare organizations that are required to comply with regulatory standards benefit from VDI because data is centralized in a data center or secure cloud. Employees can’t store private data on a personal device, eliminating the risk of internal malicious actors doing serious damage.  

Confidentiality-Centric Environments: Government entities or financial institutions that must maximize security to protect data are well-suited to employ VDI. This allows IT teams to have complete control over user desktops and prevent potentially harmful software from entering the VDI environment. 

BYOD Programs: Hybrid or remote employees that use their own devices in the workplace need a VDI solution to increase productivity and keep everything in-house. Bring your own device (BYOD) programs eliminate the need for employees to download apps separately on their computers and provide them with fully functioning virtual desktops with predetermined apps already installed.   


Security Risks of VDI

Companies deploying VDI often place security at the top of their agenda. The reason is that VDI servers run on many desktops containing sensitive information across an entire organization. Since many people in executive roles are also using the VDI system, hackers can gain access to your company’s most precious information which, in turn, decreases company productivity and causes financial chaos.  

Despite having innate security capabilities, VDI carries unique security risks and creates the following attack surfaces:

  • Internal actors: Internal threats are a growing cause of data breaches, particularly in VDI environments where malicious actors can breach other employee desktops or VDI servers. According to a 2022 report by Ponemon Institute, malicious insiders caused 26% of insider data theft at an average cost of $648,000 per incident. Not all threats are intentional either. A Citrix study found that many are accidental (54% of threats) and result from weak passwords, stolen property, or lack of file encryption. 
  • The network: Virtual network environments share the same resources meaning they are more vulnerable to attacks. Many organizations have been feeling the repercussions of not adequately segmenting network assets with the average cost per data breach hovering above $4 million. If the network isn’t properly segmented and one section is attacked, routers and links from other virtual networks become vulnerable.
  • VM updates: It takes considerable time to patch, secure, and maintain virtual machines manually because they have their own operating system and unique configuration. If the IT department falls behind on updates and patches, the network is more prone to security breaches. 
  • Hypervisors: Hypervisors support the creation and management of virtual machines. They allow one host computer to support multiple guest VMs by virtually sharing its resources. Attackers can take control of the hypervisor by using malware to take over the operating system. At that point, you might as well have given them the keys to your home.


Hybrid Work Creates Security Holes 

It’s easy to think that printers are losing their relevance in today’s workplace since companies have leaned toward digitization and cloud storage. However, many industries and teams still rely on printing as a vital part of their operations, including healthcare, logistics, government, and legal sectors. Some of these areas have allowed workers to take on hybrid roles, but they still have to print. They often have to rely on their own out-of-network printers to print the documents they need. 

You may be thinking: Wouldn’t remote work decrease the need to print?

Quite the contrary. A study on remote printing found that 59% of employees printed more or the same amount at home as they did in the office. Most of these print jobs contain employee, customer, and company information that can be compromised through home networks.

In a recent survey, Quocirca found that 67% of organizations are concerned about the security risks of home printing. Many of their concerns stem from hybrid workers not using strong passwords to protect the administrator account and not having up-to-date firmware on their devices. Printers become vulnerable and give cyberattackers a way into an employee’s home network. From there, attackers can maneuver through a company’s virtual private network and ultimately get into the corporate network. And voila! They have access to your organization’s crowned jewels.

Giving users secure printing alternatives could make all the difference in mitigating the risk of printing from home. Leveraging PrinterLogic’s advanced security features like Off-Network Printing allows users to print securely from any network outside your organization.


Up Next: Making VDI Zero Trust Compliant

This blog covered the attack vectors of VDI solutions without a Zero Trust framework in place and how remote printing has caused security headaches for organizations. Part four of our five-part blog series will discuss the steps companies can take to make their VDI environments Zero Trust compliant and pinpoint the limitations of VDI printing.

Check out part four of the Zero Trust blog series here