May 29 2014

A Guide to Realizing the Potential of Desktops as a Service

Turn to the cloud to realize the cost-cutting and security benefits of VDI.

Managing and ­securing ­end-user devices is ­becoming more challenging ­every day. IT departments are expected to support ­diverse groups of ­workers ­ranging from those in remote ­offices with desktops running various ­operating systems to mobile workers with an array of personal devices.

Some organizations are turning to virtualized desktops to gain greater control of these fixed and mobile systems and provide greater access to business applications.

One approach implements a virtual desktop infrastructure (VDI) within an existing data center. This entails deploying a large number of servers, virtualization software and additional network infrastructure. Although promising, this tactic has its own ­implementation and management challenges.

Consequently, instead of building their own infrastructure, some businesses are turning to Desktop as a Service (DaaS) to deploy virtualized desktops. DaaS is a cloud-based VDI ­service that allows companies to ­subscribe to desktop virtualization much as they would other cloud services.

The advantages of DaaS parallel those of other Software as a Service (SaaS) offerings: DaaS customers avoid substantial capital expenditures and don’t have to maintain staff to support additional hardware and network infrastructure.

DaaS also has the potential to cut costs for desktop support and bolster information security systems. Follow these best practices to realize that potential.

Step 1: Identify User Groups

Not surprisingly, planning is a key first step to a successful DaaS deployment. Start by identifying user groups ­according to the virtual resources they’ll require. Some users run computationally demanding applications that need multiple CPUs and large amounts of RAM, while those who work primarily with collaboration and common personal productivity tools can do well with minimally configured virtual desktops. Once these user types are defined, and the associated resources and number of each type of user is ­determined, DaaS costs can be estimated.


of small and medium-sized businesses that use a cloud service say they have gained significant security, privacy and ­reliability advantages that they didn’t have with their on-premises technology.

SOURCE: “Small and midsize businesses cloud trust study: U.S. study results” (Microsoft, June 2013)

Step 2: Determine Required Virtualized Desktop Types

Next, decide which type of virtualized desktop — persistent, ­session or application — is needed.

A persistent desktop, which is most like the personal desktops employees are accustomed to, saves the state of a desktop between sessions. It provides some degree of end-user customization, and because state information is preserved, some form of a desktop snapshot is stored persistently. Storage costs vary with the number of persistent desktops, so consider limiting their use to only those users with well-defined requirements for this feature.

Session-based desktops do not save state information. Instead, a default configuration is provided to users each time they log in. This virtualized desktop type has the advantage of reduced storage requirements because desktop snapshots are not saved. When a user ­finishes with a virtualized desktop, it can be returned to a pool of virtual machines that are shared among multiple users.

Sometimes a user may need ­access to a particular application but not a full desktop. In this case, a virtualized application may be the best option; for example, a legacy enterprise application designed for a client server environment that needs to be made available to employees using tablets. Rather than design and develop a mobile app, IT could provide access to the legacy software program as a virtualized application.

Step 3: Leverage Existing Infrastructure

It may be possible to use current infrastructure to help keep DaaS costs down. IT staff may be able to establish a virtual private network (VPN) between virtual desktops and internal networks, ­allowing users to store files on existing network file servers instead of in the cloud. An enterprise Active Directory is also a valuable resource that should be used when deploying DaaS. If the Active Directory has been built over several years, IT probably has a substantial amount of ­information about users, resources and access controls, which will make it easier to define and implement security controls.

Step 4: Combine Migrations

Desktop migrations can be time-­consuming and challenging, no matter what type of migration is being ­performed. So consider combining migrations; for example, upgrading from older versions of Windows while transitioning to virtualized desktops. Because there are risks with any migration (such as losing end-user data or leaving a user with a nonfunctional device for a period of time), developing a risk mitigation plan before starting is essential.

Step 5: Review ­software Licenses

Moving to DaaS provides an opportunity to review software-licensing ­strategies to ensure compliance and possibly ­reduce costs. A compliance review should be first and foremost because the different types of DaaS virtualized desktops (persistent, session and application) may require different types of licenses. Some software vendors may restrict the use of their software in a cloud environment, so it is prudent to review license details as part of DaaS migration planning.

Deploying DaaS instead of conventional, dedicated desktops offers many advantages to both IT administrators and end users. For IT, reduced maintenance costs and improved security come with centrally managed, consistently deployed virtual desktops. End users gain the ability to access their desktop from multiple devices. This saves them from ad hoc and potentially insecure practices such as ­emailing work documents to themselves so they can access them from their personal tablets or notebooks.

@Glowimages/Colin Anderson