With the accelerating adoption of cloud computing, more and more businesses are considering implementing desktop as a service (DaaS). This means moving not only servers to the cloud, but end user desktop environments as well. The benefits of desktop as a service are:
- Ease of Management and Maintenance
- Cost Savings
- Improved Security
- Better Resilience
- Simplified Backup and Disaster Recovery
- Increased User Flexibility
At IIS, we’ve helped many companies implement DaaS technology. We’ve written this post to provide an overview of DaaS benefits and describe how your organization can get started.
What is Desktop as a Service?
Desktop as a service (DaaS) is a type of cloud computing where the user’s desktop operating system runs on a virtual machine (VM) hosted by a cloud provider. The desktop operating system is usually Windows or Linux and the cloud hosting can be either public, hybrid, or private.
Public clouds are operated by third parties that charge based on the amount of computing resources you use. Familiar examples are Amazon Web Services (AWS) and Microsoft Azure. When using a public cloud provider, you share the same hardware, storage, and network resources with other customers (often referred to as cloud “tenants”).
A hybrid cloud is similar except that your business can specify the architecture (hardware, software, networking) and partners with a colocation service provider to manage the data center hosting the architecture. IIS customers work with a variety of colocation providers such as Equinix and Webair. In a hybrid cloud, resources can be dedicated or shared. A hybrid cloud also provides connectivity with your public cloud and private data center (hence the term “hybrid”). A hybrid cloud solution can provide more control and better security than a public cloud, while offloading the work of managing a data center.
A private cloud is operated by your company in your data center. The hardware, software, and network hosting your systems are dedicated for your use. This option provides the most control, but also requires your staff to manage the physical infrastructure delivering the cloud resources.
With either a public or hybrid cloud implementation of DaaS, users access their desktop through an internet connection. So wherever they are - working from a home computer, traveling with a laptop, in a meeting with a tablet, or at their desk in the office - the user can access their familiar desktop with all their documents, data, and software tools. There is no need for IT to setup and maintain multiple devices for the user. End users access their desktop environment with a browser and an internet connection.
The rise of cloud computing has made DaaS possible, but there are significant organizational and economic benefits compelling more and more businesses to move end user computing to the cloud.
The Benefits of Desktop as a Service
Much of the simplification and cost benefit results from the fact that cloud desktops eliminate the need for corporate data to be stored and corporate software to be installed on end user machines. From this changed configuration, organizations derive benefits that can be grouped into six categories.
Ease of Management and Maintenance
Ease of management may be the number one benefit that IT organizations realize from desktop as a service. Dealing with software issues like operating system patches, driver updates, application installs, etc. can be very time consuming, often requiring IT staff to visit hundreds of devices. With DaaS, all users are running one of a few standard VM images stored in the cloud. So, only those few images need to be patched, have drivers updated, etc. And the maintenance work can be handled in the cloud infrastructure. There is no longer any need to visit individual desktops for many administrative tasks.
Vying with ease of management for the top benefit is cost savings. First, an organization using DaaS can get by with much less expensive desktops and laptops than traditionally required. In a DaaS environment, the user’s machine only needs to run a browser or thin client to access the virtual machine over the internet. This doesn’t require large amounts of disk, RAM, or a powerful CPU. For many use cases, thin clients costing a couple hundred dollars are sufficient. These thinner endpoints use less electricity, so that save money as well. Software licensing can also be less expensive, or at least less of an upfront cost. Operating systems like Windows 10 are purchased on a subscription basis for cloud delivery, which can end of being less expensive than the traditional perpetual licenses required for each user’s personal machine.
With DaaS, individual devices are no longer a security risk because all desktop to server communication happens in the cloud provider’s data center on a secure network. In addition, all desktop data resides in the virtual machine which is also physically located in the data center. Since cloud data centers are much more secure than the typical desktop, moving to DaaS significantly improves security.
Simplified Backup and Disaster Recovery
With desktops running in the cloud, end users are not storing any important data on their local devices. Therefore, there is no need to backup any data that is stored on the user’s hardware. That saves your IT organization the considerable effort of needing to install and configure backup software on end user desktops and laptops. Each user’s desktop environment can still be backed up, but since it is running in a virtual machine, hosted in the cloud, backup is much simpler. It can be accomplished simply by periodically saving a snapshot of the VM.
To prepare for disaster, the VM backups can be periodically saved (synchronized) to an offsite location. Should disaster strike, the desktops can be recovered simply by provisioning new virtual machines from the offsite backups into the backup cloud datacenter.
Typically, desktops and laptops are the least resilient part of any corporate computing infrastructure. So, moving to virtual desktops improves resilience dramatically. Without DaaS, if an employee’s hard disk crashes, they may be out of commission for hours while a new machine is commissioned and configured from backup. With DaaS, the employee can simply grab any available machine and log back in to their virtual desktop - continuing to work while their old machine is repaired or replaced. Likewise, if a user’s machine is hit by a virus or ransomware, it can simply be wiped clean and rebuilt, since there is no important data stored locally. Once the machine is rebuilt, the user can access their cloud desktop again and pick up where they left off.
Increased User Flexibility
Employees today require flexibility. When in the office, they may be most productive working on a desktop computer. While traveling, they might need to work from their laptop. And from home, in the evenings, they may want to get some work done on a tablet device. For many organizations, it has been logistically challenging and cost prohibitive to provide that level of flexibility for most employees. Maintaining multiple machines, including security, backup, and corporate applications on multiple devices per employee is a luxury that can be afforded to only an elite few.
But, as described above, with DaaS the security and backup challenges are eliminated. Inexpensive laptops can a issued to provide mobile access to powerful desktops running in the cloud. Employees can also safely access corporate systems from home desktops, personal laptops, or tablets. This arrangement is referred to as “Bring Your Own Device” (BYOD). Because the only communication between the personal device and the virtual desktop is keystrokes, clicks and pixels, there is no chance that viruses or malware can spread from the user’s machine to corporate systems.
Common Use Cases - When Does DaaS Make Sense?
Given these benefits, you might conclude that organizations would benefit from migrating all end users to desktop as a service. In theory that might be true, but in practice, it can be an overwhelming undertaking for an organization to move all their employees to DaaS at once.
As a result, many companies choose to move certain groups of employees, or business functions, first. Lessons can be learned on a smaller scale and return on investment can be proven before rolling the technology out to the entire company. As it turns out, there are a few use cases where DaaS is particularly well suited, and companies often start with one of these: remote workers, contractors, help desks, regulatory compliance, and training centers.
Desktop as a service makes sense for remote workers. As working outside the office, often from home, becomes increasingly common, DaaS offers an effective way to support these employees by providing a full-featured company desktop, with access to all the tools they need, via a web browser and an internet connection.
Contractors and Temporary Workers
DaaS makes sense for contractors and temporary workers as well. Whether they work remotely or not, contractors often need access to corporate systems for only a short period of time. Getting them set up with a laptop or desktop when they start, then decommissioning and recycling the hardware for the next user when they finish, puts a strain on IT departments and slows the onboarding process. It is much simpler and less expensive for contractors to be provisioned a virtual desktop to use while they are working with your company.
Help Desks and Contact Centers
Help desks and contact centers (call centers) can also benefit from DaaS. Your agents may work in-house, from home, or they may be contract employees at another location. Regardless of where they are located, these workers need access to a standard set of tools including customer support (or help desk) software, collaboration tools, and VOIP communication technology to power a USB headset. These tools can be bundled in a standard desktop and delivered over the internet to agents’ personal computers (BYOD) or inexpensive thin client hardware provided by your organization.
Another area where DaaS can help is regulatory compliance. Portable devices like laptops and tablets store data locally. When that data includes personal health information (PHI), portable devices represent a significant HIPAA risk when lost or stolen. Similarly, endpoints that are used for credit card entry pose a PCI risk. Desktop as a service solutions help solve this problem because they don’t store any data on the devices used to access them. As long as the cloud data center hosting the desktop virtual machines is HIPAA (or PCI) compliant, your workers access these VMs using DaaS technology should be in compliance.
Finally, corporate training centers are often well suited to desktop as a service. This is particularly true for software training. Rather than physically installing the software on each student’s hardware, it is a lot simpler to provision the student with virtual desktop access to the software and demo data being used during training. Without DaaS, the training computers must be wiped and rebuilt with the configuration required for each new training course. But when desktops are running in the cloud, your organization simply needs to provide a virtual machine image that can be used to provision a virtual desktop for each student taking the class.
Managed Services for DaaS
As evidenced in our description of benefits and use cases, DaaS offers new approaches to many end user computing services. As a result, it is now possible, and often advantageous, to outsource support for DaaS to a managed service provider (MSP). The partner you select to implement your DaaS solution can oftentimes provide this support. IIS, for example, can work with you to design and implement DaaS, and then provide ongoing support as your MSP.
An MSP, such as IIS, works with your organization to design, implement, and support your DaaS infrastructure. Managed services make sense for organizations that do not have in-house staff with the expertise to support desktop as a service, as well as those who are looking for ways to simplify internal IT operations by outsourcing support for end user computing. Some of the services typically provided to support DaaS include: Help Desk (L1, L2, L3), Backup and Disaster Recovery, Hybrid Cloud Hosting, Security for Regulatory Compliance,
Help Desk (L1, L2, L3)
Once your end users are up and running with DaaS, your support burden will be lower, but it will present different challenges. If you don’t want to retool your organization’s skills to provide this support, it can make sense to outsource help desk support. Support services are categorized as Levels 1, 2, and 3. L1 provides basic support like resetting passwords and connecting to printers. L2 deals with known issues affecting the virtual desktop including operating system or application configuration problems. L3 deals with the most difficult challenges like viruses or crash recovery that require full administrative control of the virtual desktop.
Backup and Disaster Recovery
An MSP can also provide a turnkey backup and disaster recovery services designed to meet service level agreements (SLAs). This can include everything from restoring crashed desktops to recovering and standing up the entire DaaS in a new cloud in the event of disaster. For more details see this post.
Hybrid Cloud Hosting
In many business scenarios, particularly for financial or healthcare applications, security concerns require DaaS to be implemented in a hybrid cloud with dedicated hardware. A managed service provider typically works with one or more preferred manage hosting companies to set up your private cloud and provide monitoring and management services on an ongoing basis. Some MSPs provide their own hybrid cloud hosting capabilities.
Security and Regulatory Compliance
Many MSPs will coordinate with the cloud hosting provider to enforce regulatory policies such as HIPAA and PCI. In addition, they can provide ongoing support and management for critical security needs like multi-factor authentication (MFA), single sign-on (SSO), anti-virus, anti-malware, intrusion detection, etc.
MSPs also provide ongoing support for the software infrastructure required for end user computing. This may include Microsoft Active Directory administration, maintaining standard desktop configurations, patch management, firewall maintenance, etc.
Even with DaaS, end user devices still need to be managed. An MSP can provide physical distribution, collection, configuration, and repair services for desktops, laptops, thin clients, etc.
IIS DaaS Solutions
International Integrated Solutions (IIS) is a managed service provider and system integrator offering desktop as a service design, implementation, and support. The company has cultivated deep partnerships with both Citrix and VMware, delivering DaaS solutions built on either technology. In addition, they support desktop environments running on either Windows or RedHat Linux.
IIS brings expertise in desktop configuration including operating systems, virtual CPU and GPU, virtual RAM and disk storage configuration, along with end user applications like Office 365, Adobe products, and browsers. They are experienced with providing high performance solutions for live video, CAD/CAM, and graphic design.
IIS provides customers with a choice of either unmanaged or managed DaaS. In the unmanaged scenario, clients manage their own virtual desktops from a centralized interface and can supply their own desktop software licenses (BYO licensing).
In a managed DaaS relationship, IIS can provide any of the managed services described above, include:
- Help Desk (L1, L2, L3) - delivered on the industry-leading ServiceNow platform.
- Backup and Disaster Recovery - including hybrid backup and fully encrypted data storage.
- Security and Regulatory Compliance - delivered in a virtual private cloud powered by Webair.
- Infrastructure Management - including Active Directory, Desktop Configuration, Patch Management, and Firewalls.
- Device Management - including the physical distribution (and collection) of end user devices (laptops, thin clients).
The Time for DaaS is Now
A convergence of factors make now a great time for your organization to realize the benefits of DaaS. The technology for delivering desktop as a service has matured significantly in the last few years. End users are accustomed to cloud computing from using products like Office 365 and other SaaS tools. The logical next step is to migrate the entire desktop to the cloud.