Security Predictions for 2015: #3 – Traditionally “Secure” Infrastructure such as VDI Will Be Compromised
However, desktop virtualization also exposes new security challenges. Organizations often host multiple desktops with the same operating systems and the same set of applications on a single physical server. Without proper isolation, an attacker can install a rootkit and compromise multiple desktops. With limited system diversity, attackers might uncover a vulnerability, allowing them to quickly exploit thousands of desktops in one fell swoop.
We predict that in 2015, attackers will execute more brute force attacks and conduct new and creative attacks on virtual desktops. To protect VDI environments, organizations should implement operating system or application isolation—especially if virtual desktops are hosted in the cloud. Organizations should also control how data can be transferred to and from VDI environments, install anti-malware software, and monitor for intrusions.