015: Define and rollout VDI strategy

Overview

Define approach to Virtual Desktop Infrastructure (VDI) to either adopt a cloud-managed solution like Windows 365 or Azure Virtual Desktop, or integrate existing solution with Entra ID for SSO. This is an important tool in the toolkit, especially with

Application virtualization and contribute to Zero Trust security by abstracting the application and desktop environments from the underlying physical hardware. Here’s how they support Zero Trust:

• Isolation: Virtualization isolates applications and desktops in separate environments, reducing the risk of lateral movement of threats.
• Controlled Access: Access to virtualized applications and desktops can be tightly controlled based on user identity and context, aligning with Zero Trust principles of minimal privilege.
• Centralized Management: Since resources are centralized, it's easier to enforce security policies, perform updates, and monitor activities consistently across all virtual sessions.
• Reduced Endpoint Exposure: By running applications and desktops in data centers rather than on local devices, the exposure of sensitive data on end-user devices is minimized.

Reference

• Windows 365 requirements | Microsoft Learn
• App Integration Tutorials for use with Microsoft Entra ID - Microsoft Entra ID | Microsoft Learn