Virtualization Made Easy with Containers

By

Wouldn’t it be great if you could take your Windows Golden Image – stick it in a digital container and then let all your end-users automatically have it available on their laptops, notebooks, Macs, and PCs – no matter who owns the device and no matter where the device is located?

And, wouldn’t be even better if that container was hermetically sealed so that the Windows Workspace never interacted with the host – only accessing memory and processing – thereby keeping it free from malware, intrusions, and data loss?

And, wouldn’t it be even better that for the vast majority of end users could simply rejuvenate their containers back to its last known safe-state in the event of some infection or mishap – without having to call IT desktop support?

And, what if best of all patches, updates, and revisions could be added to the Windows golden image and automatically propagated out to all your users without you ever having to look at a physical machine?

The concept of a container is not new. They have been used as a way to enable BYO tablets and phones in the enterprise for years. What is new is their use on computers – PCs & Macs.  While it’s true that the key driver has been BYOD in the past there are three other, even more compelling reasons why you should consider a containerization strategy for your endpoint management and security requirements:

Management: A container is more straightforward than a physical endpoint to provision, to update, and perhaps most importantly, to remotely kill a workspace.

Security: Applications and data stored on the endpoint are fully encrypted and secured.  The endpoint’s security posture can be dynamically managed at the container level.

Enablement: Containers abstract the traditional relationship between data and device. As a result using containers makes it possible to enable new ways of working while simplifying management and security for remote, mobile, and private/corporate device ownership.

When it comes to management, as anyone who has ever managed Windows in a large company knows, on its own it is not simple, straightforward, or user friendly. However, using a container as the foundation for managing Windows image creation, distribution, and deployment (for all your current versions of Windows) makes it a much more efficient and simpler proposition.

Here’s a sampling of some of the desktop management challenges containers could solve:

  • How do I make a single image that I can both anonymize, but make unique for each user?
  • How can I setup so that my users can get the container on their machine without having to bring their machines into the office?
  • How can I setup so that my users can get the container on their machine without having to have their host machines on the corporate network?
  • How do I make sure updates get out to my estate?
  • How do I fix it when it goes wrong?

Security is obviously critical and the container security model supports compliance initiatives as well as full-on data security. When used in conjunction with host-based anti-malware and other security measures, containers add an extra level of data security that traditional security tools simply can’t match. Containerized workspaces are hermetically sealed from the host, eliminating such issues as data loss, data theft, malware infections, key-logging, intrusions, as well as so many other issues. Here’s a sampling of some of the desktop security challenges containers can solve:

  • Is the workspace protected at the end point?
  • Can I continue to control access to the corporate workspace?
  • What about other aspects of securing host and guest interaction?
  • How do I make sure that the host machine is in a “good enough” security state to run the container and yet not rely on the host to be secure?

Part of the challenge of running Windows in the enterprise is that it is not the most flexible and forgiving infrastructure to manage when dealing with many remote, roving, and intermittently connected clients. Moreover in the case of personally-owned devices, Windows does not provide a reasonable toolset for managing non-Windows clients, separating personal from corporate information on corporate devices, or even simplified system level patching and updating. The standard method for updating PCs is still done manually in many large enterprises – and this doesn’t even begin to deal with Macs and other platforms that may be in use. With new client computing initiatives such as BYOD/PC, remote workforce, contractor employee augmentation, and so many others, forcing Windows to accommodate new deployment models is vastly easier when done in a container. To the workspace itself, it appears to be functioning as a local install and not any kind of exotic configuration.

The bottom line is that today, containers have moved far beyond their mobile device roots and BYOD. They’re solving real, complex, enterprise endpoint management and security challenges today.

However, to fully grasp their benefits requires a change in thinking on the part of IT:  don’t try to manage or secure a device – secure and manage the data they own.  Containerizing a workspace not only simplifies management and security of your critical data – the stuff that’s truly irreplaceable - but can also deliver a vastly superior end-user experience to other workspace delivery methods such as VDI.  If you’ve not investigated the benefits of a containerized endpoint management and security solution you’ll be amazed at how far they’ve come!




Edited by Peter Bernstein
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More