With the recent worldwide pandemic caused by Covid-19, it’s no mystery that quarantines and “social distancing” is catapulting the concept of “remote work” into a reality – or necessity. Luckily the world was quick to adopt Microsoft’s Office 365 suite of cloud productivity services, most lead with email and are now using the likes of OneDrive, SharePoint Online, and the recently made-popular remote work solution “Teams”. But challenges still remain. Users often have applications that still run locally on their desktop, web-based applications are still hosted in house for various reasons (no SaaS alternative, security, etc.). How can we more easily provide these familiar applications to users when they’re no longer within the corporate office?
VPN clients immediately come to mind, however unless your organization issues laptops for each user, it’s likely users will be working from home using personal devices. This results in a tremendous amount of security risk in that you’re essentially putting non-protected and non-compliant devices directly on your corporate network.
Below are a couple of the most obvious services I’m hearing companies and organizations adopt during this time. There’s of course many more, but these present the most value in the least amount of development & ramp up time:
Remote Access to On-Premises Apps using Azure AD Application Proxy
Simply put, Azure AD Application Proxy is the quickest way to make internal web-based applications accessible over the internet without a VPN client. This solution is very quick to setup and can quickly get some of your most critical applications back in the hands of remote users. The setup requires on-premises servers that have a lightweight connector on them, they communicate with Azure AD outbound only over and encrypted HTTPS tunnel. Once an application has been “published”, users access the workload using the ever familiar “waffle” or “app launcher” in the O365 portal.
Examples would include publishing an application like SAP, or even an entire VDI environment. Best part? Users are subject to MFA if you’ve adopted the built-in Azure AD MFA.
Azure Windows Virtual Desktops
Windows Virtual Desktop is a comprehensive desktop and app virtualization service running in the cloud. It’s the only virtual desktop infrastructure (VDI) that delivers simplified management, multi-session Windows 10, optimizations for Office 365 ProPlus, and support for Remote Desktop Services (RDS) environments. Deploy and scale your Windows desktops and apps on Azure in minutes, and get built-in security and compliance features.This service shows a ton of promise, while initial setup may take some time – ARM templates and walk-through s are around and should help cut down the time to deploy.