Overview of the Previous VDI Solution Used by Z Co., Ltd.
Z Co., Ltd. is China’s marquee general securities company. It is headquartered in Beijing, and has more than 300 service centers distributed across more than 30 provinces, municipalities, and autonomous regions nationwide. Z used to protect its digital assets using a virtual desktop infrastructure (VDI), but it ended up incurring a high hardware cost and significant impact on the employees' productivity.
Before switching to DACS, interaction with the back-end code server was implemented through the VDI server, whose development mode could be outlined as follows.
High Infrastructure Cost
The enterprise is required to spend very high on hardware from the procurement of numerous high-performance server clusters. To accommodate telecommuting, the enterprise was also needed to purchase a separate VPN hardware device.
Inefficient R&D Productivity and Poor User Experience
Disconnected from the Internet, employees were prevented from reusing external codes and resources, which then massively deteriorated their productivity in programming. The VDI solution also entailed a high dependency on the network bandwidth, causing the network to lag very often and reducing the smoothness of the R&D process.
High Burden on the IT Department
With the hardware-based isolation architecture, 50% of the survey respondents claimed that more than 10 network and app modules were needed to only grant a new user with access authorities.
DataCloak® Zero Trust Endpoint Secure Workspace (DACS)
To address the preceding problems, Z took the initiative to scour the market for an optimal solution and eventually decided to use DACS shortly thereafter. As a pure software-based product provided by DataCloak, DACS not only showcases great superiority in cost but also adopts a more scientific management method, giving considerations to both security and efficiency through technology and innovation. Z was only required to prepare a virtual machine to complete the deployment of DACS’ back-end server. All relevant employees can then install the DACS client into their respective endpoints and immediately start telecommuting securely.
Software-Defined Enterprise Security Perimeter: Higher Flexibility
DACS has significantly lowered the costs and implemented a finer-grained isolation than the traditional solution.
Finer-Grained Isolation and Control
With DACS, Z can define its OA, DEV, and OP environments, in addition to implementing finer-grained isolations on its R&D projects, as well as even personnel and devices, without having to purchase any more expensive hardware devices.
Naturally and Flexibly Supports Office Works to be Carried Out From Multiple Different Locations
As soon as the employees install and login to the DACS client in their respective PCs, the endpoints will automatically generate a virtual secure space directly linked to the company's internal development environment, completely eliminating the previous dependency on VPN services.
Trusted Computing Environment Right From the Endpoints: Higher Security
Employees can simultaneously access resources on the Internet and intranet, and be rest assured of the security.
One-Way Flow of Data
While the employees are allowed simultaneous access to resources on the Internet and intranet, data are restricted to flow only from the bottom upward, i.e., Internet->OA->DEV->OP in the order of security level and confidentiality. Otherwise, the flow of data will be banned.
More Scientific Data Leakage Prevention
Each secure workspace adopts a rigorous access control policy, where nobody is allowed to access beyond the due authority or export data in the workspace through the network or any other way.
Adaptive Security and Policy: Higher Efficiency
Z is no longer required to maintain any complicated hardware-based isolation policy, hence reducing the burden of its IT department.
Easy Implementation of Authority Control
Based on a scientific and reasonable data protection mechanism, DACS avoids the use of hierarchical authority policy. In addition, DACS dynamically evaluates the enterprise security and policy from time to time, and automatically optimizes the policy model in conjunction with a unique AI engine.
Low Workload on the IT Department and Simplifying Operation for the Employees
As a pure software-based solution, DACS substantially lowers Z’s operation and maintenance costs and avoids the need for redundant investments. Employees can get right into telecommuting after installing and logging into DACS’ client.
Value Brought by the Solution
- The well-defined isolation perimeter effectively prevents data leakage and nullifies geographical restrictions.
- Dual authentications (identity and device) as well as end-to-end encryption and transmission help prevent illegal monitoring and man-in-the-middle attacks.
- Smoothly realizes data management by level, realizing lean control throughout the entire life cycle.
- Centralized secure access is guaranteed, covering such scenarios as enterprise-level computing, cloud computing, and edge computing.
- DACS allows simultaneous Internet access from both private and enterprise environments by thorough isolation and zero interference from and to both environments.
- DACS offers excellent working experience through its simplified operation and by facilitating local coding and supporting secure sharing.