VMware Horizon Community
jhardman
Enthusiast
Enthusiast

Securing the remote worker -- how do you do it?

Hi All

I am working on a deployment model where workers go home and use their own Windows PC and use the VDM client to connect to a persistent VM where they will work as a tech support worker taking phone calls and working in their CRM.

My concern is that some of these agents are working on sensitive data like credit card numbers. I can implement two factor authentication to insure only the authorized employee is accessing the VM, but what is to prevent a keylogger or screen scraper from capturing the sensitive data?

In trying to answer my own question I have some ideas, but they are far from ideal and I would like to know what others have to say...

Option #1, require employees to have high quality AV, spyware/malware software installed and working correctly. But this brings in tons of issues, like compliance, auditing and trouble shooting and manhours to deal with these. Not too mention that there is likely no single piece of software that is going to be reliable and effective.

Option #2, create a Linux "live CD" that can access the VDM web access. But this also has its down side, like building out a live CD that will work with a wide range of PC hardware and the manhours that will be needed to support and trouble shoot this.

Option #3, use a thin-terminal/client with a third party broker that would not require "at home VPN" connectivity. This is not attractive at all because of the additional expenses of the thin-client and the third party broker.

Reply
0 Kudos
1 Reply
Rodos
Expert
Expert

If you really want to lock down the client end point you could use a thinclient. Or if you want it to run on their own machine you could use pocket ace to run a VM that just runs the VDM client. Ace has all sorts of security features, even techniques to avoid key loggers. See http://www.vmware.com/products/ace/features.html

Considering awarding points if this is of use

Rodos {size:10px}{color:gray}Consider the use of the helpful or correct buttons to award points. Blog: http://rodos.haywood.org/{color}{size}
Reply
0 Kudos