I wanted to start writing some posts that talk about how DaaS relates to certain key trends in IT. The first is Data Loss Prevention (DLP). We talk generally about the security benefits of a centrally hosted computing model but I wanted to dig a little deeper than just saying that DaaS increases client security. DLP solutions represent one of the hottest segments of the security market and as it turns out, DaaS inherently goes a long way to solving many data leakage issues.

DLP solutions try to help IT keep control of sensitive data. The solutions generally leverage either network-based architectures (gateways that analyze the flow of data as it leaves the organization) or host-based designs that prevent the transmission of data to peripherals (USB keys, optical media, printers, etc.) and/or which encrypt data on the host. One of the most significant challenges with these systems is that a large portion of the data floating around the typical organization is unstructured, which makes it very difficult to track, let alone secure.

DaaS greatly simplifies the host-based portion of DLP. Since the user’s desktop is actually a VM running in a data center, the traditional pathway to the peripherals on the endpoint (i.e. USB slot, DVD burner, etc.) is redirected through the virtual channels of the remoting protocol being used (i.e. RDP). This architecture enables IT to maintain granular control over whether users can do things like print remotely or copy files to the endpoint and can even prevent clipboard communication (copy and paste) between the remote session and the local device.

What DaaS doesn’t help with is the network-based potion of DLP. Users can still email confidential data out of the organization or used web-based FTP, for example, to transmit sensitive IP externally. With that said, by inherently controlling host-based data leakage, DaaS does enable organizations to take a significant step toward making DLP a reality. Given the ever growing complexity of the DLP problem, IT security folks should be taking a close look at DaaS.