In the last blog post we discussed what Windows Virtual Desktop (WVD) is and why it is a great home for Microsoft 365 apps, line-of-business applications and data. WVD has many advanced features to protect businesses from data loss and common security threats.
Firstly, it inherits the enhanced security capabilities, such as Multi-factor Authentication and role based access from Microsoft Azure, making WVD a secure and easy to manage platform.
Secondly, it integrates with Microsoft Intune, which provides granular control over user activity within the session.
All this makes Windows Virtual Desktop one of the most secure virtual desktop solutions available on the market today. In this blog post we will explore these aspects further.
Azure: Compliant and robust
Windows Virtual Desktop service is exclusively available on Microsoft Azure. With 60 regions worldwide, covering 140 countries, Azure has the largest global footprint of all the public cloud providers.
Microsoft guarantee 99.95% SLA for Virtual Machines (subject to correct architecture) and 99.9% SLA for the WVD service. Azure also has over 90 compliance certifications from GDPR and ISO to US and UK Gov certification. Businesses, small and large, can utilise Azure and have the confidence their applications and data will be secure and available when they need it.
Windows Virtual Desktop Security
Windows Virtual Desktop can make use of the Azure platforms advanced security to control access to desktops and application and determine what users can and cannot do within the session. Those include:
Role Based Access Control (RBAC)
WVD uses a blend of Azure groups and roles to provide users with only the applications or desktops they are allowed to access.
Multi Factor Authentication (MFA)
MFA makes use of a telephone or smart phone to provide employees with a 2nd form of authentication (secure random code or push authorisation). This adds an additional layer of security preventing hackers from using stolen passwords to access company systems and data.
Conditional Access allows business to block or limit access to WVD based on country, trusted office location, or whether a device is considered secure or not. Conditional access makes sure that only the right people with trusted devices can event attempt to log into your WVD environment.
Azure Security Center
Azure Security Centre provides a holistic view of security issues and vulnerabilities in a customer’s Azure and Windows Virtual Desktop environment. Azure Security Centre provides recommendations and best practice for IT administrators, ensuring they operate and manage a secure and compliant Azure environment.
The Azure cloud has almost infinite compute resource available to customers. Businesses can choose from the 60 global locations to host their Virtual Desktops and Business Applications. The decision is always in your hands as to where your service and data are hosted. This makes Windows Virtual Desktop a truly global solution for businesses of any size and location.
Combining this power with the intelligence of Azure automation gives customers the ability to automatically scale up and scale down their Windows Virtual Desktop environments to meet the changing demands from the workforce. A Call Centre, for example, has more employees working during the day, therefore WVD can be configured to turn on or off Virtual Desktops in line with the user load. Together with the Azure by-the-minute billing, customers only pay for resources they are using, making WVD a very powerful yet cost efficient solution.
I really hope you enjoyed this blog series on Windows Virtual Desktop.