Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Securing Cloud PCs and Azure Virtual Desktop
  • Table Of Contents Toc
  • Feedback & Rating feedback
Securing Cloud PCs and Azure Virtual Desktop

Securing Cloud PCs and Azure Virtual Desktop

By : Dominiek Verham, Johan Vanneuville
5 (3)
Buy this Book
close
close
Securing Cloud PCs and Azure Virtual Desktop

Securing Cloud PCs and Azure Virtual Desktop

5 (3)
By: Dominiek Verham, Johan Vanneuville
Buy this Book

Overview of this book

Do you want to effectively implement and maintain secure virtualized systems? This book will give you a comprehensive understanding of Microsoft virtual endpoints, from the fundamentals of Windows 365 and Azure Virtual Desktop to advanced security measures, enabling you to secure, manage, and optimize virtualized environments in line with contemporary cybersecurity challenges. You’ll start with an introduction to Microsoft technologies, gaining a foundational understanding of their capabilities. Next, you’ll delve into the importance of endpoint security, addressing the challenges faced by companies in safeguarding their digital perimeters. This book serves as a practical guide to securing virtual endpoints, covering topics such as network access, data leakage prevention, update management, threat detection, and access control configuration. As you progress, the book offers insights into the nuanced security measures required for Windows 365, Azure Virtual Desktop, and the broader Microsoft Azure infrastructure. The book concludes with real-world use cases, providing practical scenarios for deploying Windows 365 and Azure Virtual Desktop. By the end of this book, you’ll be equipped with practical skills for implementing and evaluating robust endpoint security strategies.
Table of Contents (21 chapters)
close
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
Free Chapter
1
Part 1: An Introduction to Microsoft Virtual Desktops
Part 1: An Introduction to Microsoft Virtual Desktops
2
Chapter 1: Introducing Windows 365 and Azure Virtual Desktop
Chapter 1: Introducing Windows 365 and Azure Virtual Desktop
Advantages of using a virtual desktop
Introducing Windows 365
Introducing Azure Virtual Desktop
Licensing Windows 365 and Azure Virtual Desktop
Introducing Windows App
Summary
3
Part 2: Why Is Endpoint Security Important?
Part 2: Why Is Endpoint Security Important?
4
Chapter 2: Importance of Securing Your Desktops
Chapter 2: Importance of Securing Your Desktops
A desktop at the heart of a user’s workspace
Multiple users on a single desktop
What happens when a physical desktop is lost or stolen?
What can IT admins do to prevent data leakage?
Summary
5
Chapter 3: Modern Security Risks
Chapter 3: Modern Security Risks
What are bad actors?
Types of cyberattacks
Recovering from a cyberattack
Virtual desktops to the rescue
Summary
6
Part 3: Security Controls for W365 and AVD
Part 3: Security Controls for W365 and AVD
7
Chapter 4: Securing User Sessions
Chapter 4: Securing User Sessions
CA and MFA
Configuring RDP device and resource redirections for Windows 365
Configuring RDP properties for Azure Virtual Desktop
RDP session limit timeouts
Summary
8
Chapter 5: Preventing Data Leakage from Desktops
Chapter 5: Preventing Data Leakage from Desktops
Preventing screen captures
Introducing and configuring watermarking
Configuring screen locks
Summary
9
Chapter 6: Update Management Strategies
Chapter 6: Update Management Strategies
Windows Update for Business
Windows Autopatch
Managing updates using custom image templates
Manually creating custom images
Summary
10
Chapter 7: Threat Detection and Prevention
Chapter 7: Threat Detection and Prevention
Microsoft Defender for Endpoint
Introducing tamper protection
Encrypting data on the virtual desktop
Summary
11
Chapter 8: Configuring Access Control
Chapter 8: Configuring Access Control
Configuring Role-Based Access Control (RBAC)
Azure Bastion
Configuring JIT
Microsoft Privileged Identity Management
Windows Local Administrator Password Solution (LAPS)
Summary
12
Part 4: Additional Security Controls per Solution
Part 4: Additional Security Controls per Solution
13
Chapter 9: Securing Windows 365
Chapter 9: Securing Windows 365
Introducing the Windows 365 advanced deployment guide
Security guidelines for Windows 365
Local admin rights
Endpoint Privilege Management
Creating and exporting Cloud PC restore points
Tips and tricks
Summary
14
Chapter 10: Securing Azure Virtual Desktop
chevron up
Chapter 10: Securing Azure Virtual Desktop
Configuring backups
Restoring an FSLogix profile
Securing AVD with private endpoints
Trusted launch and confidential computing
Configuring AppLocker
Securing OneDrive
Active Directory structure and security
Summary
15
Chapter 11: Securing Azure Infrastructure
Chapter 11: Securing Azure Infrastructure
Configure storage security
Configure network security with Azure Firewall
Configure network security with NSGs
Deploying AVD on dedicated hosts
Configuring Defender for Cloud
Deploying an Azure VPN gateway
Summary
16
Part 5: Use Cases
Part 5: Use Cases
17
Chapter 12: Windows 365 Use Cases
Chapter 12: Windows 365 Use Cases
When to use Windows 365 as your personal desktop
Windows 365 as a replacement for on-premise VDI
Windows 365 for contractors
Using Windows 365 as a privileged access workstation
How Windows 365 Boot helps to secure an endpoint
Enhancing security by restricting access to Office 365 services to Cloud PCs
Windows 365 Frontline versus Windows 365 Enterprise
Summary
18
Chapter 13: Azure Virtual Desktop Use Cases
Chapter 13: Azure Virtual Desktop Use Cases
AVD for external users using Bring Your Own Device (BYOD)
Using remote apps instead of desktops
AVD as a disaster recovery solution
AVD for a break/fix scenario
Running AVD on Azure Stack HCI
Summary
19
Index
Index
Why subscribe?
20
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

Securing OneDrive

One of the big advantages of using OneDrive is that end users can have access to their files from anywhere and on any device. This is no different on AVD, but to ensure that OneDrive is being used securely, the IT admin can enforce some settings. This section will cover some general settings that will increase security. Of course, it depends on the organization, and which settings they will enforce:

  • Use OneDrive Files On-Demand
  • Silently move Windows known folders to OneDrive
  • Prevent users from syncing personal OneDrive accounts
  • Prevent users from syncing from other organizations

The configuration for OneDrive can be done in two ways: with a GPO or via Intune. Both are possible for Cloud PCs and AVD session hosts.

Securing OneDrive with a GPO

To create the OneDrive GPO, the IT admin needs the correct .admx and .adml files for OneDrive. To obtain these, the IT admin needs to install OneDrive on a machine from https://www.microsoft.com...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 7
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY