Virtualization Made Easy with Containers


Wouldn’t it be great if you could take your Windows Golden Image – stick it in a digital container and then let all your end-users automatically have it available on their laptops, notebooks, Macs, and PCs – no matter who owns the device and no matter where the device is located?

And, wouldn’t be even better if that container was hermetically sealed so that the Windows Workspace never interacted with the host – only accessing memory and processing – thereby keeping it free from malware, intrusions, and data loss?

And, wouldn’t it be even better that for the vast majority of end users could simply rejuvenate their containers back to its last known safe-state in the event of some infection or mishap – without having to call IT desktop support?

And, what if best of all patches, updates, and revisions could be added to the Windows golden image and automatically propagated out to all your users without you ever having to look at a physical machine?

The concept of a container is not new. They have been used as a way to enable BYO tablets and phones in the enterprise for years. What is new is their use on computers – PCs & Macs.  While it’s true that the key driver has been BYOD in the past there are three other, even more compelling reasons why you should consider a containerization strategy for your endpoint management and security requirements:

Management: A container is more straightforward than a physical endpoint to provision, to update, and perhaps most importantly, to remotely kill a workspace.

Security: Applications and data stored on the endpoint are fully encrypted and secured.  The endpoint’s security posture can be dynamically managed at the container level.

Enablement: Containers abstract the traditional relationship between data and device. As a result using containers makes it possible to enable new ways of working while simplifying management and security for remote, mobile, and private/corporate device ownership.

When it comes to management, as anyone who has ever managed Windows in a large company knows, on its own it is not simple, straightforward, or user friendly. However, using a container as the foundation for managing Windows image creation, distribution, and deployment (for all your current versions of Windows) makes it a much more efficient and simpler proposition.

Here’s a sampling of some of the desktop management challenges containers could solve:

  • How do I make a single image that I can both anonymize, but make unique for each user?
  • How can I setup so that my users can get the container on their machine without having to bring their machines into the office?
  • How can I setup so that my users can get the container on their machine without having to have their host machines on the corporate network?
  • How do I make sure updates get out to my estate?
  • How do I fix it when it goes wrong?

Security is obviously critical and the container security model supports compliance initiatives as well as full-on data security. When used in conjunction with host-based anti-malware and other security measures, containers add an extra level of data security that traditional security tools simply can’t match. Containerized workspaces are hermetically sealed from the host, eliminating such issues as data loss, data theft, malware infections, key-logging, intrusions, as well as so many other issues. Here’s a sampling of some of the desktop security challenges containers can solve:

  • Is the workspace protected at the end point?
  • Can I continue to control access to the corporate workspace?
  • What about other aspects of securing host and guest interaction?
  • How do I make sure that the host machine is in a “good enough” security state to run the container and yet not rely on the host to be secure?

Part of the challenge of running Windows in the enterprise is that it is not the most flexible and forgiving infrastructure to manage when dealing with many remote, roving, and intermittently connected clients. Moreover in the case of personally-owned devices, Windows does not provide a reasonable toolset for managing non-Windows clients, separating personal from corporate information on corporate devices, or even simplified system level patching and updating. The standard method for updating PCs is still done manually in many large enterprises – and this doesn’t even begin to deal with Macs and other platforms that may be in use. With new client computing initiatives such as BYOD/PC, remote workforce, contractor employee augmentation, and so many others, forcing Windows to accommodate new deployment models is vastly easier when done in a container. To the workspace itself, it appears to be functioning as a local install and not any kind of exotic configuration.

The bottom line is that today, containers have moved far beyond their mobile device roots and BYOD. They’re solving real, complex, enterprise endpoint management and security challenges today.

However, to fully grasp their benefits requires a change in thinking on the part of IT:  don’t try to manage or secure a device – secure and manage the data they own.  Containerizing a workspace not only simplifies management and security of your critical data – the stuff that’s truly irreplaceable - but can also deliver a vastly superior end-user experience to other workspace delivery methods such as VDI.  If you’ve not investigated the benefits of a containerized endpoint management and security solution you’ll be amazed at how far they’ve come!

Edited by Peter Bernstein
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More