Leveraging your Office 365 subscription for your VDI deployment
You can effectively leverage your MS Office 365 subscription towards your VDI deployment
At the time of writing this, even as a few parts of the world are starting to recover, the situation with the Coronavirus pandemic in many other parts of the world is clearly worsening. The world economy may well be entering a fifth month of having all their employees work out of their homes.
WFH is no Picnic
While most companies are being highly supportive of having employees work from home and in spite of the numerous posts about how people can work from home without missing a beat, IT administrators know the start reality – WFH is a challenge.
For one thing, when employees are at home, connecting to the corporate network can be difficult. VPN systems do exist to let corporate workers get access to company resources over a secure connection when they are working away from the office. But most VPN systems are usually designed to handle a small number of roaming users – but not situations like the current one wherein almost 100% of the workforce is at home. VPN systems are basically overwhelmed – and can’t support the traffic in the current scenario.
Also, when employees WFH with high-powered devices – those devices can end up becoming a point of failure. Coffee spills, dropped laptops, cracked screens, charging cables that go bad – all of these are real things that can happen when people WFH. And when your employees are at home, provisioning a fresh device isn’t simple.
Also, reachability to these end user devices for patching, security updates, new software deployment, etc. are all challenges. Traditional mass deployment methods like SCCM, AD GPO, etc. don’t work when employees aren’t on the corporate network.
An Endpoint In the Cloud?
Organizations are realizing that even after the worst of the pandemic is behind us, the stark reality is that a significant portion of the workforce will most likely continue to function from home. In such a situation, businesses are questioning the wisdom of entrusting each such employee with a high-performing compute device – which has to be supported, patched, secured, and eventually replaced. Wouldn’t it be easier if the employee could use any old home device to whip open a web browser and access a secure, company authorized, compute device in the cloud?
I’ve heard several organizations talk about their desire to move to desktop virtualization during these times. Desktop virtualization can be accomplished in a few different ways and is offered by quite a few reputed vendors. From the most basic mechanism that simply leverages Windows Server Remote Desktop Services to VDI to the latest offerings available as DaaS (Desktop as a Service) – the options are numerous.
Desktop virtualization can certainly solve a number of practical problems for IT administrators – but it can also come with a few downsides. But we won’t get into that now. The pros and cons of desktop virtualization itself, for now, shall remain the topic for another post.
In the event you choose to go down the route of desktop virtualization – what are your main options, and how can you leverage your Office 365 subscription?
While there are several vendors who offer services, one to consider is certainly Microsoft’s Windows Virtual Desktop (or WVD) which is hosted by Microsoft’s Azure cloud. Microsoft announced the availability of WVD in September 2019 which, for the first time, leverages multiuser functionality on Windows 10 — previously only available on server operating systems.
To Persist or not to Persist?
When using WVD (or most any other VDI technology), you will be confronted with the option of using persistent (also called non-pooled) or non-persistent (aka pooled) instances.
Persistent instances are where the user receives a permanently reserved VDI resource at each logon. This is almost the same as presenting the user with a dedicated, personal endpoint. Any data the user saves, settings, or other changes they perform – etc. are all persisted when they log out – and will be presented back to them the same way the next time they log in.
Non-persistent or pooled systems, on the other hand, are volatile in nature and function off of a single master image. Non-persistent VDI spins up a standard, new VDI image for each user. So, with non-persistent VDI, any user settings, data, etc. are not persisted after the session ends – so anything which needs to be persisted has to be stored in a cloud location and synced back at the start of the next session.
Data Management Challenges with VDI – and How O365 Can Help
Virtualized desktops in many ways are no different than physical endpoints – and if you’ve been backing up your user endpoints for regulatory compliance, to defend against ransomware or as a way to counter malicious deletion – then you’ll need to do have a strategy to do the same thing with virtualized desktops.
In any case, your Office 365 subscription will come in handy in more than one way as we shall see shortly.
If you are using non-persistent desktop virtualization, remember that your users’ data is not saved between login sessions. So, it is important that their data be synchronized to an external target (preferably in the cloud) as they log out – so the data can be synchronized back for them the next time they log in. The OneDrive for Business storage allocations your users have as part of your Office 365 subscription is a great way to solve this problem. And if you are using Microsoft’s WVD in particular, I suspect the integration with OneDrive is probably superior and may even help you negotiate better rates with Microsoft around external data transfer costs.
If you are using persistent desktop virtualization, remember that you still need to protect your user endpoints – virtualized though they may be. Here again, your OneDrive for Business storage can come in useful. Utilizing a solution like BluVault from Parablu, you can affect an enterprise-grade backup daily (or every few hours) from your virtualized endpoints to a secure, tamper-proof area created inside your user OneDrive accounts.
Even in the case you are using non-persistent desktops, remember that it is important to backup your user data in OneDrive to a secondary location. There are several cloud-cloud backup solutions that help you protect your Office 365 assets like Exchange Online and OneDrive for Business. For instance, Parablu’s BluVault for Office 365 can help make a safe copy of your OneDrive data to an alternate cloud target.
Lastly, even if you have deployed VDI with on-premise infrastructure, you can use your users’ OneDrive subscriptions as a secure backup target. It may be tempting to simply backup the VDI server centrally, but if you are thinking along those lines – think again. If you wish to make the solution self-service and preserve user privacy you should consider a solution that backs up user data and stores it insulated from other users. Each user should have the ability to browse, search, review, and restore/download the files they need from the backup. They shouldn’t have to ask an Administrator, nor risk an administrator (or other users) viewing their files – even if only to recover them.
Desktop Virtualization is Here to Stay
Desktop virtualization is here to stay and if anything, the pandemic has entrenched the technology’s position more strongly than ever. The benefits – both from the standpoint of convenience and economics, are undeniable. There will however always be thick clients in the form of high-performance desktops – for reasons such as offline working and privacy.
Many organizations are looking at desktop virtualization as they navigate their way through the pandemic. If you are implementing desktop virtualization, speak to us. Our solutions can help protect not just user data on the virtualized desktop client, but also protect data stored in cloud services such as OneDrive. If you don’t have a solution like OneDrive, we can provide you a reliable sync solution (BluSync™) that can work with your Win or Mac non-persistent VDI client to keep a safe copy of your data when your user is disconnected.
We’ll look forward to hearing your thoughts/perspectives on this topic. Feel free to write to us at firstname.lastname@example.org. Stay safe!