What’s the Risk?

If a company has converted fully to a VDI infrastructure, it might have gone so far as to remove all of the physical desktops from the user environment. If it then had a full VDI outage that took days to recover from, the loss of productivity – and possibly revenue – would be extreme.

What can Prevent Malware like Shamoon?

What actions can you take to prevent malware such as Shamoon from impacting your underlying VDI infrastructure? The answer is very similar to what you would do to protect other types of server infrastructure within your critical data center, namely:
- Control administrative accounts and change any default passwords
- Place a multi-factor jump-host in front of any administrative portal that allows access to the foundational infrastructure
- Protect access to the underlying operating system like it is one of your most critical assets with the highest availability. It should be on its own dedicated network segment with appropriate access controls at the network, on the jump-host, and on the physical operating system
- Remove administrative rights from any user who needs to log into the operating system, and allow only those programs specifically from the VDI vendor to operate with privilege
- Continue to run common antivirus and anti-malware solutions on your VDI infrastructure. Do not worry about performance implications of these programs anymore, but be sure to pay close attention to temporary storage folders