Hi All
I am working on a deployment model where workers go home and use their own Windows PC and use the VDM client to connect to a persistent VM where they will work as a tech support worker taking phone calls and working in their CRM.
My concern is that some of these agents are working on sensitive data like credit card numbers. I can implement two-factor authentication to ensure only the authorized employee is accessing the VM, but what is to prevent a keylogger or screen scraper from capturing the sensitive data?
In trying to answer my own question I have some ideas, but they are far from ideal and I would like to know what others have to say...
Option #1, require employees to have high-quality AV, spyware/malware software installed and working correctly. But this brings in tons of issues, like compliance, auditing and troubleshooting and man-hours to deal with these. Not to mention that there is likely no single piece of software that is going to be reliable and effective.
Option #2, create a Linux "live CD" that can access the VDM web access. But this also has its downside, like building out a live CD that will work with a wide range of PC hardware and the man-hours that will be needed to support and troubleshoot this.
Option #3, use a thin-terminal/client with a third-party broker that would not require "at home VPN" connectivity. This is not attractive at all because of the additional expenses of the thin-client and the third-party broker.