-by Forrest Smith, Dir. Product & Customer Experience
April 25, 2017
At Neverware, we have grown to view Enterprises through the lens of what CloudReady can mean for them. As a conduit for remote information, resources, and power (increasingly, the cloud), CloudReady’s function morphs according to each Enterprise’s relationship with the cloud or its progenitors. As a result, many of our conversations with prospective customers end up focused on where their organization is headed, rather than where they are. Through these conversations I’ve learned to view CloudReady as a foundation for, and enabler of, progress. To share this perspective, I’m doing a short series on CloudReady’s value to companies in various points of transition towards cloud-first IT.
This will be the first of three installments in that series. I’ll kick off by taking a look at organizations that are driven by VDI and DaaS.
Part 1 - Without CloudReady, your VDI is an open Coke bottle.
Any business that has already embraced VDI (Virtual Desktop Infrastructure) or DaaS (Desktop as a Service) is a case study in why enterprise software solutions exist. Having invested (usually quite heavily) in an end-user computing solution that requires additional computing power (local servers or cloud computing) to power their desktop environments and additional management tools (home-grown or purchased from the likes of Citrix and VMware) to maintain control over the deployment, it’s clear that companies in this category had problem(s) that needed solving and justified massive investment.
As I’ve written about in the past, VDI helps maintain security, reliability, and manageability in high stakes scenarios. Whether it's a healthcare company ensuring HIPAA compliance or a major finance company insulating customer assets from outside attack, VDI deployments aim to minimize the risk and exposure of data storage, network security, and Windows management by corralling them into a carefully controlled central environment, and in large part, this is accomplished via the great care and expense businesses commit to VDI deployments.
So far this is not too different from the goals of cloud computing in general. However, VDI and DaaS work by shrinking and isolating their data, network, and Windows devices. They remove the odds of outside forces having unwanted effects by limiting the number of interactions that happen outside the isolated, secure zone.
When a company with a major VDI investment uses Windows machines as their end-points, they leave users with the capacity to initiate risky actions or store sensitive data outside their secure VDI environment; Windows grants users these privileges on a local machine by design. CloudReady does the opposite.
CloudReady is the only enterprise-grade OS built for remote access of resources. Compatible with almost any PC or Mac since 2007, it employs security innovations like process-sandboxing, automated background updates, and deeply-integrated cloud management to transform your existing devices into ideal VDI endpoints. CloudReady’s role in VDI is to provide remote access, but never allow sensitive actions or data to be associated with the local device.
I like the imagery of a bottle of pop (yes, pop) for this. You want to keep sensitive and volatile data and interactions (carbon dioxide gas) localized to a secure area (a bottle), and predominantly on virtual machines (in liquid) inside the bottle. Even if you start with ALL of the gas contained in the liquid, that volatile gas will naturally leave the liquid a little at a time. Information has a similar nature; its core usefulness lies in motion and exchange, so it naturally leaks out of any machine (virtual or not) that is allowed to hold it. Only with a purpose-built tool - a cap (CloudReady) - can the inevitable escape of gas be halted. Like a cap, CloudReady isn’t the container itself, nor is it the real host of the data. Instead, both are specially-engineered to reinforce and finalize the existing containment system.
Imagine the system without the cap. Every small agitation leads to additional loss of gas. Give it a serious shake and most of the gas is gone, taking with it a good portion of the liquid. But when capped, perturbations make no difference - a shake may free gas to move in and out of the liquid, but this is all contained inside the bottle and, with some time, the gas dissolves back into the host-liquid.
Why can’t Windows endpoints play the role of cap as well as CloudReady can? They’re too similar to the VMs/liquid inside. They both accept and give away information too readily. The analogy stretches nicely in this case - if you submerged a bottle of carbonated pop in a bucket of flat pop, would your gas stay in the bottle? Would it even stay in the bucket for long?
The moral of this story is that modern enterprise infrastructure requires that we shift our focus to the information and interactions, rather than the access-devices. When you focus on the gas, rather than the bottle or the pop, it is clear that a VDI deployment isn’t finished without a terminal (no pun intended) access device that is purpose-built to stop the ever-present pressure and risk of information exchange.
Thin-clients and zero-clients were created to drive at these goals - to make a great cap. Now, CloudReady offers a more refined and flexible option by being built to access any remote resource. That’s how it can offer a new tier of endpoint security and manageability for organizations, whether they rely on VDI, are fully cloud-native, or lay somewhere in between.