Published: 01 Dec 2009
Virtual desktop infrastructure technology can ease the burden of data protection for laptops and desktops, but it may not be a good fit for all types of end users.
Of all the data your company owns, data residing on desktops and laptops is often the least protected. Why? The distributed nature of endpoints makes it difficult to centralize and consolidate backup, and since desktop/laptop data exists outside the confines of the data center, backup administrators often don't see its protection as their problem.
Virtual desktop infrastructure (VDI) technology can address this problem by bringing data that would otherwise live on end-user devices into the data center.
VDI products enable the centralization of entire personalized end-user desktop operating environments so that they can be efficiently accessed, managed and protected from a central location. This allows organizations to reduce operational costs, improve service levels, and satisfy compliance and information security requirements, all while maintaining an identical -- and in some cases, improved -- end-user experience.
One caveat is that, as with server virtualization, desktop virtualization will have an impact on IT infrastructure. Server, storage and networking will all be impacted. Enterprise Strategy Group (ESG) research shows that nearly two-thirds (64%) of current VDI users have made some form of new storage purchase to support their implementation, since data that used to reside on users' PCs is stored on data center hardware in a VDI environment. And VDI isn't a one-size-fits-all solution. Some groups of users aren't well-suited to it, so different measures should be put in place to protect their data.
Distributed computing's backup problem
Most IT organizations today give short shrift to protection of PC data. According to recent ESG research, only 26% of nearly 500 midmarket and enterprise IT respondents said that all of their desktop PCs are backed up, and only 18% of organizations back up all of their laptops. Furthermore, 24% of respondents said they have no data protection process at all for their desktops, and 29% don't back up their laptops. With desktops and laptops increasingly carrying business-critical data, the expenses incurred for a system loss or failure are much greater than simple hardware replacement -- most notably, lost end-user productivity during downtime and more time spent reconstructing lost data.
Many IT organizations take proactive steps to centrally administer backup, ranging from manually copying files to a network share that's integrated in automated server backup processes to directly backing up desktops/laptops via server-based backup client agents. The former could create gaps in protection, while the latter introduces challenges due to the sheer volume of devices and the required software licensing to protect them.
Other companies take a different approach, allowing desktop/ laptop users to do it themselves. Users might manually copy files or use a standalone PC-based backup product to automatically back up data to a local storage device, such as CD/DVD, USB drive or memory stick. Alternatively, some leverage backup software-as-a-service (SaaS) to enable automated backup of data to a third-party location. In these situations, copies of corporate data proliferate outside the custody and control of the IT department (and sometimes the user), potentially introducing additional risk to the organization.
While most IT organizations don't adequately protect end-user data, the hardware that contains that data is susceptible. With an average hard drive failure rate of 2% to 4%, a company with 500 laptops could have as many as 20 of these devices experience a disk crash. In addition, the portable nature of laptops makes them an easy target for theft/loss and prone to damage from being mishandled/dropped.
In spite of these dangers, some IT organizations don't see the risk of data loss outweighing the costs of desktop/laptop backup storage capacity and operational overhead. Moreover, many organizations cite a lack of business or legal requirements mandating data protection and simply procure, configure and re-image replacement hardware and let users worry about data reconstruction.
VDI's backup remedy
VDI enables a user's complete desktop environments -- including OS, profile, applications, user data and customizations -- to be deployed as a self-contained package, remotely accessible from anywhere. Administrative and management tasks are, therefore, streamlined and centralized.
While you're not likely to implement VDI just to solve the PC backup problem (a host of difficult desktop computing challenges are driving its adoption), moving PC images to the data center puts them under the umbrella of the data center's data protection policies, processes, infrastructure and operational staff, which enables more efficient backup and recovery. And as an integrated component of server backup, desktop and laptop data can benefit from advanced features such as data deduplication.
It's important to note that VDI isn't a solution for everyone. VDI could be too "locked down" for certain classes of users, such as knowledge workers. Organizations generally use or expect to use VDI for distributed workers such as remote employees and telecommuters, as well as for task workers in roles such as data entry and call center (who may require a more limited desktop environment). And while they're not ideally suited for VDI because their use of technology extends beyond a traditional set of limited tasks, VDI for knowledge workers offers benefits against the leakage of sensitive company information.
However, those user profiles that aren't a good fit for VDI will remain vulnerable without an alternative desktop/laptop backup strategy. Organizations adopting an "out of sight, out of mind" attitude regarding endpoint protection could leave themselves open to risk.
BIO: Lauren Whitehouse is an analyst focusing on backup and recovery software and replication solutions at Enterprise Strategy Group, Milford, Mass.