• Annick Breton, Partner |

Two months into widespread home-confinement in Luxembourg, and it’s been amazing to see the great work done by IT departments up and down the country to make homeworking happen and ensure the continuity of key corporate applications.

While larger outfits may have been able to tackle the issue head-on, many small- and medium-sized operations may struggle more to transform IT operations at such short notice. A recent business continuity survey conducted by Gartner revealed that just 12 percent of IT organizations were prepared to deal speedily with an incident like we are experiencing with the Coronavirus. One major element in this unpreparedness is the lack of a robust and agile platform supporting remote working (‘télétravail’).

12 % Percentage of IT organizations prepared for a Covid-19 style crisis

VPN dominates as the go-to solution

Generally speaking, in light of Covid-19, we have seen larger organizations invest significantly in deploying and boosting the performance of enterprise-wide VPN (Virtual Private Network).

How does a VPN connection work?

A VPN allows the end-user to access network resources and a company intranet through what is referred to as a tunnel. This links an external machine to corporate resources. In other words, a VPN is a simple pipe giving access to a remote server – the user’s device still requires pre-installed applications/platforms on his device.

Under this scenario, many organizations have distributed laptops to their mobile workforce, sometimes even purchasing new equipment to replace the usual desktop set-up. The challenges (and pain points) involved are numerous: between the cost of end-point equipment, the effort required to manage devices and additional software licenses, IT teams have their work cut out. Added to this is the highly increased security exposure: mobile devices can open up the organization to data leaks. Without significant budget to invest in security, the drawbacks are clear.

A secure, smart alternative: VDI or DaaS

While investing massively in VPN solutions, organizations may have overlooked its more agile younger sister: VDI (Virtual Desktop Infrastructure), otherwise know as DaaS (Desktop as a Service).

How does a VDI connection work?

A virtual desktop infrastructure (VDI) is a method of virtualization that allows a virtual desktop to run on your servers (at your premises or via a third-party data center). The end-user can remotely access his/her virtual desktop from any device of his/her choice.

In this scenario, companies can give their employees the freedom to access a virtual desktop from any device— even a widescreen TV. Device-level security becomes less important because the user’s personal PC, mobile or other device essentially become a “thin client device” and all of the user’s activities take place within a virtual machine in the organization’s own data center. In simple terms, devices (desktops, laptops, mobiles, etc.) are no longer the source which stores your data and applications: they become hardware which can be used by all users to access their ‘desktop’ information and applications stored in the company’s data center. If the user somehow manages to infect the virtual desktop’s OS with malware, it isn’t a huge problem because virtual desktops on the server are typically nonpersistent, which means they reset to a pristine state at the end of each session.

An extra perk: VDI can be deployed in days rather than months.

VPN vs. VDI: the two homeworking solutions compared

You can see how VPN and VDI compare to each other on the main decision-making criteria involved in choosing a work-from-home solution.

Decision-making criteria How VDI compares to VPN
Cost to deploy solution 50-70% cheaper depending on the required set-up. The reduced cost of device and license ownership is particularly significant in lowering costs.
Time to deploy solution Days rather than months if the data center is equipped with adequate storage and compute capabilities
Time to set-up one worker Seconds rather than months
Security All data remains in the corporate environment, which reduces the chance of malware affecting data integrity while ensuring data compliance. Virus scanning can be centralized.
Management Centralized and simplified—no need to manage multiple laptop maintenance and installation. Licenses for used applications are also managed centrally.
Ease-of-use for user Individuals can use the device of their choice.  Employees can also switch off their machine, pick up another device, and work from there seamlessly.


If you are currently deploying a new work-from-home system and would like further insight into VDI technology, please get in touch via email on philippe.bovy@kpmg.lu.

You can access our online factsheet here.