The goal of Amazon Workspaces is to solve IT headaches by placing the full desktop experience in the cloud. Organizations set up virtual desktops, and users can access their documents, resources, and applications from any device. They pay for access only when an employee actually uses it, providing significant cost reductions compared with persistent virtual desktops deployed in a traditional data center. Because the data and applications are stored in Amazon’s secure cloud, this Desktop-as-a-Service (DaaS) approach promised to be a simple and secure way to provision new users and manage their data.
However, while Amazon Workspaces may do a phenomenal job solving some security challenges, it is helpful to utilize third-party solutions to address all the challenges that organizations face. These challenges include a lack of sufficient backup, insufficient compliance features, and the need for time-consuming hands-on management by IT administrators. These problems add up, making extra protection critical for a truly secure Amazon Workspaces implementation.
Amazon Workspaces automatically back up every 12 hours. This means that if a disaster occurs, an organization risks losing up to 12 hours of data changes. On top of that, administrators have to restore the end users’ data, leading to lost productivity while end users wait to resume work.
Many organizations attempt to use file sharing as a stand-in for true data protection, based on the assumption that if files are synced to the cloud, end users can just load their projects and get back to business. While sharing and collaboration features are certainly a value-add on many cloud services (including Amazon Workspaces), these consumer-grade solutions simply aren’t designed for business-scale data recovery. The onus is on the end user to sync and share their data, putting critical data and files at risk.
“Amazon Workspaces empowers IT to effectively manage virtual desktop installation and provisioning, but fails to supply the necessary tools for secure data backup and recovery.”
Not only is that data at risk, but IT often has no visibility into its own users’ data on DaaS solutions. There’s no way to place data on a legal hold when needed or to ensure that all critical and sensitive data is being backed up. If file sharing is used as a proxy for proper data management, there’s the additional risk of former employees retaining access to corporate intellectual property (IP) via file-sharing accounts. Amazon Workspaces empowers IT to effectively manage virtual desktop installation and provisioning, but it fails to supply the necessary tools for secure data backup and recovery.
In order to truly secure data on Amazon Workspaces, you need a dedicated data security solution. We’re proud to announce that Druva inSync, our leading-edge cloud data protection solution, is now available for Amazon Workspaces.
With Druva inSync, you can
Backing up every 12 hours just won’t cut it, especially in the case of a ransomware attack. That could result in hours of lost data and tons of work to be redone across your entire company. Druva inSync offers data backup as frequently as every 5 minutes.
Some businesses try to sidestep the 12-hour backup window by using Amazon’s file-sharing service WorkDocs as an ad-hoc backup solution. However, this places the onus on the end user to sync their own data, with no organizational control and no Plan B if they forget.
With Druva inSync, automatic backup is managed centrally through a single portal. Administrators have the power to manage policies, users, data, and applications as needed. For example:
Amazon Workspaces simplifies many administrative IT tasks by streamlining device provisioning; however, it is not able to do the same with data backup and recovery. Users are fully dependent on administrators for data recovery, which results in lost productivity for both the user and the administrator. Device lifecycle management is another challenge, and there aren’t sufficient tools for monitoring serious security risks like backup failures, inactive devices, or data loss from departing employees.
On the other hand, Druva inSync’s lifecycle management tools lighten the load on administrators and increase productivity by:
In addition to these features, Druva inSync’s self-service tools ensure that end users can access their data whenever they need it, without having to wait for an administrator to come online. If data is corrupted, automatically deleted, or locked by a ransomware attack, the end user can independently get immediate access to the data and restore a complete snapshot, specific directories, or individual files without an admin’s assistance.
Druva inSync’s Data Loss Prevention (DLP) functionality reduces the total economic impact in case a workspace is hacked and a user gets locked out. It provides powerful, multi-layered protection of critical data residing on your workspace. Once a device is marked for DLP, Druva inSync ensures that the data is encrypted and is rendered unreadable. The data is then auto-deleted from the workspace if the user does not connect for a specified period of time that can be customized to your needs.
Not only does Druva inSync ensure that your Amazon Workspaces data is securely backed up and readily available in case of disaster, but it goes a step further with additional features such as compliance, eDiscovery, and analytics. These features enable you to do the following:
With Druva inSync, your organization has complete control over proactive compliance monitoring. You can select from predefined compliance templates — including HIPAA, GLBA, and PCI — or define customized compliance templates specific to your organization. You can then stay on top of monitoring with customizable tools that enable you to do the following:
In legal situations, data must be readily available for quick recovery. With Druva inSync, you can immediately place a user’s data on legal hold, without the need for any user intervention. This preserves the backup data for that user and keeps it immutable for as long as you need it, regardless of the standard retention policies in place. Administrators can then analyze and access data via Druva inSync’s eDiscovery integration.
Again, these tools go beyond simple data preservation to improve your operations and reduce costs. For example, you can:
High-availability backup is the cornerstone of a good disaster recovery system, but too often, it comes with astronomical storage costs. Unlike traditional methods, however, Druva inSync provides full scalability with a dramatically lower total cost of ownership (TCO). With its patented incremental backup and global dedupe technology, Druva inSync provides frequent backups with minimal data transfer and storage costs.
The built-in security features of Amazon Workspace aren’t sufficient to truly protect your data and your business. Critical gaps, long backup windows, and missing features add up to serious risks and major costs in the event of a disaster.
How Hatco Protects Against Ransomware with Druva on AWS
Learn how to reduce ransomware risks now with Druva, while proactively preparing a response for the future in our upcoming webinar.