07 Feb

58 percent of organizations interviewed by Forrester Consulting for their Total Economic Impact™ (TEI) Study, agreed that DaaS is more secure and more reliable than traditional VDI. However, there is still a good percentage of CIOs who still believe that migrating to the cloud will increase the risk of cyber-attacks and data stored in the cloud is vulnerable.


Migrating to cloud does not guarantee network security, however when compared to traditional datacenter-based solutions, DaaS, when used for delivering new models for Hybrid work, is proving to be more secure than traditional desk top delivery solutions. In fact, further research done by Forrester and IT Central Station shows that there is a significant increase in cyber security when migrating data and apps to the cloud.


There are strong arguments to cloud migration – particularly from a security aspect as described below: 


  • Combining Secure Internet access solutions (such as Citrix Secure Internet) and VMs running in the cloud, employees do not need to download data to their devices, they view the data remotely via the VM. This is critical when users are accessing sensitive information.
  • Updates to cloud services are ongoing and using the services, enterprises can block users from accessing data not relevant to them without compromising workflow.
  • Establish Zero Trust – DaaS, even though a virtual desktop, operates on an endpoint device and facilitates endpoint security. In deploying DaaS – zero trust security principles are easily implemented which, combined with user analytics, offers the ability for network protocols to be set up. For example, blocking users from downloading, printing and / or emailing sensitive files. Users that are potentially compromised can be logged out of the network before any breach occurs and malicious user behavior can be monitored and stopped.
  • In 2021 it was estimated that there are over 21 billion IoT connected devices which, is expected to grow to 123 billion devices by 2030. The potential impact of IoT has on the way technology is produced and businesses operate is exigent and constantly expanding. The use IoT devices however has increased the vulnerability for cyber security breaches. IoT - Cloud convergences can reduce the attack surface by restricting all incoming and outgoing traffic to pass through the API gateway in the cloud. In addition, using solutions such as Citrix Internet security and Microsoft Azure security protocols will offer enterprises enhanced device authentication and identity verification.
  • Following on from the use of IoT and the variety of devices that employees are using to connect to an enterprise’s network, management will need to define the parameters for Privileged Access Management (PAM) and Identify Access Management (IAM).

IAM vs PAM – what’s the difference? Both PAM and IAM are common methods used for high level security and are sometimes thought to be interchangeable. However, there are fundamental differences that need to be taken into consideration.

IAM uses the features of Zero Trust security which, requires users to be identified and authenticated every time they access the enterprise network. IAM can be deployed either on premises or via the cloud and can include a Single Sign-On (SSO) or multi -factor authentication (MFA) which are common components of IAM.


PAM however is a sub-system of the IAM process. PAM identifies users who have permission to access privilege and / or sensitive information. PAM goes beyond both SSO and MFA and makes use of dynamic authentication for each session.


In short IAM identifies each user and allows them access to the company’s network, whereas PAM requires further authentication and manages the user’s actions limiting the availability of information a user can access based on strict permissions protocols.