Cloud workspace security best practices:

When delivering cloud workspaces, applications or desktops; vendors such as Citrix, VMware, Microsoft and others have a lot to offer in terms of cloud security. With such solutions, management is centralized and a great deal of control is given to the administrators who can ensure the proper security is at play. A Zero Trust policy is usually in place and any device, network, or user must be a trusted one to gain access to corporate assets. However, how is that access being granted and how do users reach their cloud or virtual workspace? This is where an edge strategy matters. Ensuring that the edge is also secure, manageable and following Zero Trust principles means that companies will be better protected from any data breaches. Here are 3 easy and best cloud workspace practices to help achieve this:

1. Set up a Password vault

According to the Verizon Data Breach Investigations report, 80% of data breaches are due to weak or compromised passwords. Today, it is very challenging for users to memorize all passwords while at the same time making them complex and hard to replicate. There are some tools allowing for the storage of credentials making the process easier and more secure for the users. 

One such tool is ZeeKey which stores user credentials on an encrypted USB token .Unlike other password vault solutions, nothing is stored on the cloud, or on any server. Everything is stored on the USB itself. The USB can only be used with trusted devices. The USB itself cannot be copied and if lost access can be removed completely. ZeeKey allows users to keep passwords credentials of extreme complexity and not have to remember them. The user experience is improved as users access to their workspace, apps and websites is simplified. 

2. Put in place an Multi Factor Authentication (MFA) solution

Even after using strong passwords, data breaches can still happen from brute force attacks. Hackers are coming up with faster ways to crack passwords and improvements in computational power and speed have aided them in their quest. To ensure that such attacks are blocked, MFA is highly recommended. According to Microsoft, MFA provides 99.9% protection against such attacks. There are many MFA solutions out there, some cloud based, some on premise, with varying types of authentication means including authentication by SMS, email, via physical tokens, push notifications, a mobile app, etc… There are also studies showing that certain authentication means are safer than others. It was recently found that SMS is not ideal as it can be compromised with SIM swapping. ZeeOTP is a great tool if you are looking for something cost effective and flexible. It is an MFA solution that can be setup on premise or in the cloud. It also allows for numerous authentication methods including unique customizations as required by apps at hand via Zeetim professional services.

3. Harden the operating system

Not all operating systems are created equal and some have different objectives from others. The most popular operating system such as Windows will always be the preferred system for hackers to target. Certain operating systems also require more effort to secure, patch, and maintain. As such, if your usage does not warrant that operating system then it is best to move on to something else.  In the VDI and end user computing space, everything that you are doing is on a remote server (public or private cloud) and as such your local OS requirements are minimal. There are some  options for secure operating systems that are purpose built for this, which are very lightweight, secure, and easy to manage.

ZeeOS is one such endpoint operating system, which is ultra secure and tailor made for virtual workspaces. ZeeOS is read only and only runs the basic apps required such as the virtualization technology client (RDP, Citrix Workspace, VMware Horizon, Nutanix Xi Frame, etc… ). It’s also impossible to configure the device locally and everything must be done from a central and secure management tool to ensure no tampering of any sort. ZeeOS is part of the complete ZeeTerm endpoint solution.

Zeetim makes all of these components available ensuring the ideal Zero Trust Edge approach is in place. To learn more check our complete cloud solution, ZeeEdge.