Cloud

How Virtual Desktops Close Higher Education Cybersecurity Gaps

Cloud-based solutions such as Desktop as a Service can help secure a wide range of campus devices.

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies.

With the pace of cyberattacks ever on the rise, higher education IT teams are under pressure. They’re tasked with securing a quickly expanding range of endpoints, from managed devices and grant-funded research equipment to a free-for-all of student-owned technology.

“There is the intellectual property challenge, particularly in research institutions. There is very sensitive and very proprietary information,” says Calvin Hsu, vice president of product management at Citrix. At the same time, he adds, “higher ed is also a ripe target for ransomware and phishing attacks.”

How to effectively secure this complex IT ecosystem? For colleges and universities, virtual desktops offer a way forward.

Virtual Desktops Secure Access to Higher Ed Cloud Environments

Most schools have been migrating their infrastructure to the cloud as a way to streamline IT operations and better meet the need for computing and storage resources.

Cloud can deliver the “high-compute environments, supercomputers and very graphical environments” needed to support research and learning, says Hsu. But IT needs to provide secure access to those cloud-based applications.

DISCOVER: How Citrix can help your institution secure student information.

Virtual desktops make that possible. A software emulation of a hardware device, the virtual desktop enables end users to access applications and operating systems through client software or a web browser, using the endpoint devices of their choice.

Cloud-based solutions bring the virtual desktop to life. Desktop as a Service, for example, supports virtual desktops in a hybrid environment. DaaS ensures that virtualized applications perform just like their physical counterparts, regardless of device or connection.

By taking this route, administrators can ensure the security of sensitive data in the cloud environment, including students’ personal information and proprietary research data.

Supported by DaaS and delivered via virtual desktop, “what actually goes over the network then is really just a combination of pixels — there's not real data or information in there,” says Hsu. “And even that flow of pixels and the keystrokes themselves can be encrypted and protected with features like anti-keylogging capabilities that scramble every keystroke made on the endpoint.”

DaaS also makes browsing safer, adding layers of security when users access the internet via a browser within the virtual desktop.

There is the intellectual property challenge, particularly in research institutions. There is very sensitive and very proprietary information.”

Calvin Hsu Vice President of Product Management, Citrix

Uses Cases for Virtual Desktops in Higher Education

How might colleges and universities make use of such a solution?

Individual users: “Doctoral students may have machines that they need to be very powerful,” says Hsu. With DaaS, “they can create a Windows or Linux machine in a virtual cloud instance that can pull in that compute and use it. When they are done with their computations, they can set it aside.”
Computer labs: Universities can implement DaaS in computer labs as a way to provide secure access to a rich array of cloud-based resources without putting data or networks at risk. With a virtual desktop, “students use it, and then it resets to a known good state immediately after they log out,” says Hsu. “The virtual desktop can repeatedly clean and provision fresh new environments for the next student, and it does that securely and cost effectively.”
Supporting equity: Universities are tasked with providing a level playing field in terms of technology access, and DaaS can help with that. Because a virtual desktop separates compute infrastructure from the physical endpoint device, “you could take a relatively low-powered Chromebook, for example, or a refurbished PC that has been donated, and use that as an access device,” says Hsu. Users gain the full compute power of the cloud, “and it really helps with equity, the democratization of technology.”

LEARN MORE: What’s new in SIEM for higher education InfoSec teams?

Best Practices for Virtual Desktops in Higher Education

So, how can universities best use virtual desktops in support of their mission? First, it helps to consider the end user.

“In the educational sector, you have everything from students and admins to professors, and their use cases are very different — the level of compute power that they need, the amount of storage,” says Hsu.

An IT professional can employ case segmentation to design the virtual desktop environment, assigning different levels of control depending on the compute power needed and the level of security required.

DaaS makes it possible to adapt security with an eye toward a specific end-user experience. “What are the requirements for performance, control and flexibility on the end user’s part? You can layer in the cybersecurity accordingly,” says Hsu.

For example, a machine in the computer lab can have relatively open access to functions such as printing or copy-and-paste. For a user accessing the system remotely, or someone dipping into sensitive financial records, those functions could be restricted.

Citrix offers DaaS in support of virtualized desktops, with the top 10 highest-ranking universities among its client base.

“We understand the protocols that help create that remote experience, particularly when you’re dealing with research applications, audio and video, or remote learning,” says Hsu. “We have high-definition technologies that translate that virtual desktop experience over a network onto the endpoint device very effectively, and we’ve designed those protocols with higher ed in mind.”

Brought to you by: