In October, only about 5.2% of the nation’s office workforce was working from home. This number was slowly growing, but many people actually prefer to be in the office and many companies did not have the infrastructure for people to work from home. Some people were also working from home full time.
Now, in the middle of a global crisis, 48% of Americans, a total of 150 million people, have been asked to stay home to avoid spreading disease. Suddenly, companies need to find that critical infrastructure to allow people to work from home. The overall infrastructure is experience stress, such that video streaming companies such as Netflix have been forced to lower the quality of streams. For companies, there are further concerns, such as VPN capacity, the cost of providing extra devices (for example, an office worker who normally uses a desktop may need to be issued a laptop). These solutions need to scale up quickly, without huge capital investment for what is, after all, a temporary situation.
Windows Virtual Desktop is a potential answer to these issues. It gives flexibility with reduced device costs and scalable VPN capability.
What Is Windows Virtual Desktop?
Windows Virtual Desktop is a Microsoft Azure service designed to provide virtual desktop infrastructure for Windows machines. It’s optimized for Windows 10 and Office 365 ProPlus. Windows 10 Virtual Desktop allows you to use Windows 10 even on systems that technically don’t support it, such as old laptops that have been sitting in the IT closet for a few years.
What Are the Benefits of Windows Virtual Desktop?
So, what are the specific benefits of WVD over alternative solutions? There are a number of reasons to use Windows Virtual Desktop if you have a lot of employees who do not normally work from home. Here are some of the most important.
Bring Your Own Device
Normally, you manage any device connected to the secure network. Asking employees to put their personal desktop computers under a managed regimen is likely to create resistance, especially if they are sharing computers with other household members. The last thing anyone wants is to not have an option to delete their social media, apps, and games.
Windows Virtual Desktop allows the virtual desktop to connect to the network, while the device’s main operating system remains separate. It essentially creates a firewall between work and personal, meaning that normal bring your own device policies may not need to be applied during the emergency. Security, however, is not compromised.
Use Cheaper Devices
Because Windows Virtual Desktop relies on the office computer setup or virtual servers, you can run it on devices that cannot normally support Windows 10. This means you can use older laptops, Chromebooks, thin clients, Macs, and NUCs. You don’t need to buy expensive laptops that might be used only for a few months and then put in the closet. You can use whatever devices you already have.
Running on a cheaper device can cause performance issues; consider issuing the more powerful laptops to users with heavier computing needs such as desktop publishing and the cheap or older ones to those with relatively light use. However, the amount of money you can save is substantial. This can also combine with BYOD to save even more by allowing people to use their own devices. After the crisis, this will also be useful to allow occasional work from home for employees who are mildly sick or have children home from school.
Windows Virtual Desktop supports multi-session virtualization. This allows more users to be supported by the same amount of computing power. For example, a single-user virtual desktop may need 2 vCPUs and 4GB of RAM, which scales up quickly. Multi-user can drop this by a significant factor, from a total need of 48 vCPUs for 24 users to 8. There may still be overhead from usage peaks, but this prevents you from paying for unused computing power. If you already use a management tool such as Intune, you can still use it with this setup.
The larger your office the more you save; this kind of virtualization may not be needed for very small offices. For larger ones, though, it can make a huge difference. WVD handles this kind of virtualization automatically and applies proper load balancing to ensure users get the resources they need.
Load balancing in WVD takes two forms; breadth mode and depth mode. The former allocates VMs to users evenly, ensuring they have all the resources they need to run intensive applications and Azure reserved instances.
In depth mode, every user is assigned to the same VM. Then, when they reach a peak, another VM is created and the additional users allocated to it.
Which one you use depends on your specific circumstances. For example, depth mode serves large user numbers. People running highly demanding software such as desktop publishing or graphic design need breadth mode. Talk to IT about usage patterns. The mode used should be transparent to users, that is the users should not be able to tell how you are balancing the load. Ideally, they should notice no difference from being in the office, assuming they have reasonably fast internet.
Whitelisted Access to Company Resources
A lot of security resources are typically IP locked, that is secured to in-network IPs. Unfortunately, when people work from home, their IP changes if they reboot their router, reboot their computer, or have a power loss. This means you can’t whitelist their IP (it generally costs extra for a permanent IP, and covering that cost would be another option, but WVD works better and does not cost as much) for access, compromising security.
The best choice is to use WVD and Azure NAT Gateway to create a virtual workspace with its own static IP. That IP can then be whitelisted for access to secure databases, ERPs, LOB applications and other sensitive applications and information. It’s important to make sure that these extra IPs are removed from the list once everyone is back in the office, as IP whitelists tend to develop junk over time.
No VPN Slowdown
Some companies are responding by putting everyone on their normal VPN. This is a mistake. VPN solutions are generally set up to handle only the people who normally work from home. They do not scale up quickly or well. Each packet has to be encrypted and decrypted, slowing down your servers and increasing latency dramatically. VPN solutions that work for half a dozen employees will not work for fifty or more.
This means that productivity is significantly damaged and people are unable to get work done. Thus, they may, in frustration, attempt to get around using the VPN. Meanwhile, if you have RDP infrastructure on Azure, you get scalability that goes all the way up. Your VPN will not slow down and security and productivity will be maintained. You can continue to use this rather than a traditional VPN moving forward, or switch back to the traditional VPN once the crisis is over, depending on what your costs are.
Flexible Remote Work
Windows Virtual Desktop allows you to deploy work from home infrastructure dynamically and as needed. You can add or remove instances without ancillary costs for extra hardware or licenses; rather you charge for computer and bandwidth use, at a much lower rate than similar solutions. Combined with the ability to use personal devices, this allows you to be flexible on work from home. This will not just help during the current crisis but after it. Allowing more employees to work from home will help your company’s productivity in the long term.
Furthermore, if you have legacy applications that are not native to the cloud, you can virtualize them and allow access from outside the office without compromising security as you work to replace them with cloud-native software. Finally, environments and roles can be managed from anywhere; there is no need to force IT to be the only people who have to come into the office during a crisis.
Learn More About the Windows Virtual Desktop
Using Windows Virtual Desktop for remote work allows you to scale up work instances quickly. Then, scale them back down again when no longer needed. Many companies received a wakeup call from the current crisis. Thus, they are learning that their work from home infrastructure is insufficient. While this is likely to be a one-time crisis, having flexible work from home infrastructure will help your company going forward.
For assistance setting up Windows Virtual Desktop for your remote workforce or for other advice on how to handle having everyone work from home, contact Agile IT today.