There's an emerging selling point for desktop virtualization vendors and their channel partners: protection against malware and data leaks.
Organizations that virtualized desktop machines to make their IT management easier have discovered endpoint security as an unexpected but even more powerful benefit, experts said. And now some businesses, particularly in the finance, healthcare and government sectors, are looking at virtualization specifically for security reasons.
"The real advantage is, all data is located and all processing is done centrally," said Michael Rose, an associate research analyst for IDC in Framingham, Mass. "All your terminal is doing is displaying the information."
A survey of 100 IT managers released last week by Goldman Sachs indicated that 32% of respondents were interested in desktop virtualization for its security -- a close second to the 36% who were interested primarily to increase manageability.
Half of all corporate attacks happen from the inside, according to research by Cambridge, Mass.-based Forrester Research. Unauthorized USB devices can infect networks and hard drives with viruses and Trojans, but they can't access them from virtualized desktops.
"Nothing is local," said Gordon Haff, principal IT advisor for Illuminata in Nashua, N.H. "You don't have a local hard drive. You typically have the ability to restrict the use of certain kinds of USB devices."
Desktop virtualization can also keep intellectual property from falling into the wrong hands in the case of a lost or stolen laptop.
"Not having to worry about machines walking out the door is a big benefit," Rose said. "If my notebook ends up being stolen, they can't access anything on the virtual desktop."
Haff and Natalie Lambert, a senior analyst for Forrester Research Inc., both said that desktop virtualization is a supplement to, not a substitute for, antivirus software on every machine, strong password policies and authentication procedures and other measures. But with virtualization by itself, "the data is still secure," Lambert said.
And there are some drawbacks to desktop virtualization. It requires constant Internet connectivity, so laptops are not protected against data leaks when employees are working on planes or in other places without Internet access, Lambert said.
Virtualization protocols also do not handle multimedia well, which precludes some organizations from going in that direction, Rose said. And the high-end servers that virtualization requires can also be cost prohibitive, he said.
But because of the security benefits, he added, "I definitely see the opportunity for wide-scale adoption."
Let us know what you think about this story; email Colin Steele, Feature Writer
Dig deeper on Application security and data protection