Virtual Help Desk

The Challenge with Virtual Help Desks

A Virtual Help Desk allows IT support organizations to virtually deploy personnel as required to support the administrative needs of corporate computer users. The virtualization of the support function permits the efficient management and allocation of resources and personnel independent of the physical location of the employees. Remote access, shared webconferencing, and incarnations of remote desktops permit ubiquitous support of a widely distributed workforce. The Virtual Help Desk is closely aligned with the proliferation of Software-Defined Networking (SDN), which is an approach to networking in which control is “virtual,” often remote, and nearly always decoupled from the physical infrastructure, allowing network administrators and support personnel to administrate a network fabric across multiple vendor sites and multiple installations of heterogeneous equipment.

Although the virtualized scenarios significantly improve resource management by increasing efficiency and supporting peak demand through a virtualized workforce, the overall challenge of security is magnified by the need to permit wider access for employees. For example, the traditional local help desk would only have privileged access to a particular physical or location or domain. The Virtual Help Desk employee might have access to a broader, more global distribution of facilities or, in the case of outsourcing, have access to facilities of more than one client company. In this case, “leakage” of sensitive data between companies or even wholesale “Snowden”-like data exfiltration is a major challenge.

How SPYRUS Helps

SPYRUS Windows To Go drives make an ideal configuration for privileged users staffing Virtual Help Desk functions from remote locations, providing true secure trusted endpoints. The enterprise can enforce access to only the permitted network and/or domains and prevent local access or data storage. This is particularly important when the Virtual Help Desk is provided as an outsourced service, whereby an organization may have multiple independent clients and needs to assure the customer that data leakage between clients does not occur. In addition, the SPYRUS Windows To Go devices provide an outstanding solution for the challenges involved with supporting trusted endpoints from heterogeneous computing environments. The full spectrum of features provided by the SPYRUS family of Windows To Go devices assure a secure, managed endpoint that is an extension of the corporations IT infrastructure.

For highly cost effective, simple application work that either accesses a remote systems administration portal or executes a proprietary VDI application, the enterprise can supply Virtual Help Desk employees with a 32 GB SPYRUS Windows To Go drive provisioned with the Read Only (RO) option. The RO options permits the employee to boot securely from untrusted remote computers and reduces the potential for transferring malware to the corporate network from the personal computer. The RO feature also helps prevent data leakage of corporate data assets since data can not be persistently stored to the live drive. For secure access to the corporate network, the embedded Rosetta micro smart card security controller can store the VPN key and certificates for hardware two-factor authentication to the VPN, corporate networks or even doing smart card log on to the operating system on the SPYRUS Windows To Go live drive.

Some notable features of Windows To Go products for the support of the Virtual Help Desk application are as follows:

Security for Data at Rest

SPYRUS Worksafe Pro™ and Secure Portable Workplace™ use an advanced XTS-AES 256 mode of encryption, totally transparent to the user while operating at SSD category speeds. It is the IEEE standard for full disk encryption and much stronger than using software based full disk encryption. For added protection without reducing performance, SPYRUS provides its Defense-in-Depth two-layer encryption protection by enabling optional   BitLocker software encryption, with the BitLocker passwords securely protected in the hardware encrypted memory partition. (SPYRUS Windows To Go Live Drives)

Mitigate Data Leakage and Malware Propagation

For teleworkers performing their duties by accessing cloud based applications or via remote portals, the SWTG devices provisioned for Read-Only provide strong cryptographic security for VDI and thin-client applications by eliminating persistent data changes to the data stored on the drives and also mitigate the persistent threats of exfiltration and malware propagation. (SPYRUS Windows To Go Live Drives)

Device and Data Management

All SWTG products are complemented by the SPYRUS Enterprise Management System (SEMS).   SEMS offers risk management via global, national and organizational control over those important corporate and personal IT information assets which have previously been confined and protected within the physical IT infrastructure of a facility, but now require protection as they travel the world within USB endpoint devices.   SEMS provides central management for SPYRUS Windows to Go drives with numerous policy driven functions including user access, device enablement/disablement, “kill” inoperability, group or user policy changes, audit recording, and password changes. The SEMS architecture allows an unlimited number of devices to be managed with facilities for multiple administrators based on organizational needs and policies. (SPYRUS Enterprise Management System – SEMS)

We already work with:

Speak to an Expert

If you would like to speak with a SPYRUS expert regarding our products and services, please click on the button below to get all of our contact information. We look forward to assisting you and answering all of your questions.