Virtual desktops have a place, and they can be very useful for a number of environments across a number of sectors. They allow for a variety of users to log in and work from a single computer or work station, allowing the user to interface with his or her systems in a virtualized environment — which is stored on a remote server rather than on a local machine – but these environments separate the physical machine from their software and present an isolated operating system for users.
Therefore, the use of virtual desktops is fairly common in healthcare as hospitals continue to seek solutions that create efficiencies; in this case, an environment where doctors are moving from room to room and need to work from different computers in different locations.
While virtual desktops as a concept can be beneficial to an organization, if used alone they can produce a variety of issues and limitations for those using them. For example, using hospital employees as an example again, as a group they tend to move from work station to work station frequently, logging into their applications and systems on a variety of workstation and switching between computers. Do so each time an employee switches computers is a major inconvenience, not to mention time consuming. Further, new and ever-changing regulations may prohibit the use of any type of shared account commonly found in a virtual desktop environment. For this reason, this is why many organizations have realized that the benefits of a virtual desktop can be made even greater if used in conjunction with a single sign-on or other automated access management solution.
The use of the virtual desktop continues to grow, however. As proof, in a 2012 study conducted by Spiceworks, more than 60 percent of organizations said they planned to roll out or evaluate desktop virtualization in the near term. Many also have or want to implement a single sign-on solution in conjunction with virtual desktops. The reasons for this are many.
In healthcare, especially, clinicians need quick access to their computers and work stations. While a virtual desktop allows them the ability to easily move around to different rooms on their rounds, there’s usually quite a bit of wasted time because caregivers need to repeatedly log in to numerous applications. Anything that slows down the log in process can have a negative impact on patient care. Single sign-on solutions mitigate this issue, allowing end users the ability to provide their access credentials a single time and automatically be authenticated each time a program is launched. So, when an employee moves to another workstation in the hospital, they simply need to enter only one set of credentials and have access to everything they need to perform their jobs from that point for the remainder of their shift.
Another issue that many healthcare organizations may face in with virtual desktop environment is that employees often have share accounts on them, which can lead to HIPAA violations. Of course, HIPAA requires that healthcare organizations show exactly who has access to secure data, as well as ensures that this data is protected and kept safe. Additionally, health systems also must track who exactly is accessing secure and protected information and who is entering a system or retrieving information and making changes to the data, including patient information.
Because of this, hospitals must eliminate all shared accounts to determine who is making changes where and to what information in the record. Single sign-on technology can assist with managing this process by allowing the users to use their own log in — which can be catalogued and tracked for auditing purposes — all the while only requiring them to remember a single set of access credentials.
Another reason that health systems implement sing sign-on alongside their virtual desktops is because they have seen an increase in productivity overall. End users are able to quickly access what they need to complete their work, without needing to repeatedly log in to each system and application. For example, the log in process becomes even more of a hassle when a user forgets a password to one of his or her applications and is locked out of an account. Single sign-on applications make it much easier for users to remember their credentials, as previously discussed, since they only are required to know one set instead of several sets of complicated user names and passwords. This alone can save users a tremendous amount of time each day.
Lastly, single sign-on can make a virtual desktop more secure. The solution can be paired with two-factor authentication to add an additional layer of security. Two-factor authentication requires users to enter a PIN as well as present their access badge to access the computer or workstation. This ensures that the user is who they claim to be.
Overall, virtual desktops, in conjunction with single sign-on, are able to help organizations protect their data, set parameters for who has access to it and meet the burden of regulation while also increasing organizational productivity including providing users with fast and secure, access to systems and applications used throughout the workday; especially important to those providing care to patients.
Dean Wiech is managing director of Tools4ever, a global provider of identity and access management solutions, with a particular focus in healthcare.