April 8, 2022 - Sage Goodwin
The speed of technology and movement in the world of VDI is growing faster and faster, and more users are switching or migrating to a VDI (Virtual Desktop Integrator) Solution. Alongside this migration is the ever-growing concerns around security and compliance, the bigger these services and platforms become, the more targeted. Awareness around security has risen, and it is more important than ever to make sure your patching and compliance solutions are quick and easy.
According to Cybercrime Magazine, Cybercrime will Cost the World $10.5 Trillion Annually By 2025.
In response to a question on the Rimo3 podcast, Patrick Coble had this to say:
“I’ve done audits of some huge companies, multi-billion-dollar companies, and their VDI image hadn’t been updated in months, and in some cases, even years. And it’s because it’s kind of the old Citrix analogy of, ‘we don’t cook it, we just serve it’... and it’s because every time they’ve applied a Windows patch, 6 years ago, 8 years ago, 3 months ago, it blew something up, and they’re just like: ‘nope, let’s not do it, let’s just keep going’... That happens so often, there’s this huge delay. You can’t wait 30 days anymore [to deploy a patch]… with the way patches and attacks are happening, insider threats, everything, you can’t wait that long. You’ve gotta have patch Tuesday, Wednesday, Thursday, rolled out to a system, Friday, Saturday, Sunday rolled out to some pilot systems, and on Monday or Tuesday the next week, you should be about fifty to sixty percent done.”
We’re now in such a world of continuing change, our systems and patching need to be reflective of this. And with the ever-growing business move of work from home, and dispersed workforce, it has greatly changed the previous decades of security and how we manage our devices.
“The work from home stuff really caused a huge problem where some of these devices haven’t been updated since they got sent home in March of 2020, and I’ve still seen that doing audits. And then it’s like 'but it’s on their home network' well, yeah, but so is Fortnite, and Tiger King, and everything else. Like, who knows what’s going on in that wifi network, right? What other devices; what IOT devices may have already been compromised? Patching is a huge thing and that compliance.”
Deeper dives into the world of VDI, Security, Compliance and more are discussed in the full episode of the Rimo3 Podcast with guest Patrick Coble:
Samit Halvadia from Rimo3 is joined by EUC community leader Patrick Coble to discuss the importance of security patches, compliance, pentesting, and how the focus on security is integral to all companies in the modern day. Topics covered in the podcast: CIS, security controls, automated patch management, governance, cyber insurance, ransomware, breaches, proactive prevention.
Patrick Coble is an industry veteran in the VDI and Security space. He is the founder of VDIsecurity.org, the Principal Consultant for VDISEC, and part of the VMware vExpert EUC Program.
Samit Halvadia is a lifelong enterprise app nerd that has spent the last 20 years in a variety of companies with a heavy focus around application management including InstallShield (Flexera), App-DNA (acquired by Citrix), and most recently Rimo3 – and it seems as though he will never be tired of it. He knows apps.
Reach out to the team: https://www.rimo3.com/
Automated predeployment testing of Windows applications, OS updates and security patches.
Use unattended automation to test and assess application readiness for Windows 10, Windows 11, Windows 365, Azure Virtual Desktop, as well as identifying MSIX and Multi-session suitability.