Working from home? How to integrate Amazon WorkSpaces into your AWS environment and maintain regulatory compliance and security.

May 1, 2020 | Announcements, Migration, MSP

Many companies are on lockdown because of the Coronavirus (COVID-19) and social distancing, and they’re struggling to still be in scope of the regulatory compliance and security they generally work under. Using Amazon WorkSpaces, it’s possible to have a virtual desktop without losing your grip on your company’s regulatory compliance and IT security while working from home. Amazon WorkSpaces is a managed, secure Desktop-as-a-Service (DaaS) solution to provision either Windows or Linux desktops for thousands of desktops to workers across the globe.

Why select Amazon WorkSpaces?

With Amazon WorkSpaces, your users get a fast, responsive desktop that they can access anywhere, anytime, from any supported device.

  • Maintain regulatory compliance while working from home. Amazon WorkSpaces is in the scope of AWS compliance efforts based on the expected use case, feedback, and demand. Click here for a list of compliance programs currently in scope for Amazon WorkSpaces.
  • Simplicity. Amazon WorkSpaces helps simplify your desktop delivery strategy for managing hardware inventory, OS versions and patches, and Virtual Desktop Infrastructure (VDI). Your users can access it using either the client or the web. Bring Your Own License (BYOL) is available for Windows and applications.
  • Cost savings. Pay either monthly or hourly just for the Amazon WorkSpaces that you launch. When compared to traditional desktops and on-premises VDI solutions (e.g., Citrix VDI), Amazon WorkSpaces offers a more affordable pricing model.
  • Security.
    1. Amazon WorkSpaces can be hooked into your Amazon Virtual Private Network (Amazon VPC), provided that your security groups allow it. Access to your development environment is facilitated by being in the same VPC.
    2. You can enable multi-factor authentication (MFA) to enhance security, and you can lock the solution to be accessed by specific IP(s).
    3. Users get access to persistent, encrypted storage volumes in the AWS Cloud.
    4. No user data is stored on the local device and your overall risk surface area is reduced.

Step-by-step tutorial on how to integrate Amazon WorkSpaces into your existing Amazon infrastructure

1. To demonstrate how well Amazon WorkSpaces integrates with your existing Amazon infrastructure, we are going to opt for an Advanced Setup.

2. We need to integrate it with an Active Directory (AD), which you can select in this step. You can choose an AWS-managed Microsoft AD, Simple AD, or connect an existing AD.

3. Enter the mandatory fields.

4. Choose the Amazon VPC and subnets within which you want to launch your AD resource.

5. Now launch Amazon WorkSpaces and add the Amazon VPC and subnet details.

6. Add users to your directory. The users added here will automatically receive an email with instructions to download a client and to authenticate once the creation of the Amazon WorkSpace is complete.

7. Choose the OS or available bundle of OS with some application. Amazon WorkSpaces Free Tier allows you to launch two Standard bundle WorkSpaces (either the Windows 7 or the Windows 10 Desktop Experience) and use them for a total of 40 hours per month, for up to two calendar months. For this demo, we have selected the Windows 10 Desktop Experience.

8. Next, you can add some additional configurations like Encryption, Auto-stop, and Tags.

9. Review and launch. Your Amazon WorkSpace will take up to 20 minutes to launch.

In conclusion

With the advent of COVID-19, many current AWS customers have scaled up their use of Amazon WorkSpaces to support their sudden move to a largely remote workforce. To maintain regulatory compliance and security in such an environment (and save costs compared to traditional desktops and on-premises VDI solutions), I recommend that you implement Amazon WorkSpaces.

Need help to maintain regulatory compliance and security on AWS? The nClouds team is here to help with that and all your AWS infrastructure requirements.

Contact us