Amazon WorkSpaces: Supporting a More Secure Remote Workforce

Posted by C1 on Oct 13, 2020 10:00:00 AM

In today’s pandemic times, we are finding more and more customers and end users are working remotely from home. This requires users to access a number of devices, including laptops and tablets, while at home. Is this secure? Absolutely not.

Many of us have heard of VDI—but what, exactly, is it?

Traditionally, users had desktop computers or laptops that their applications executed on. These applications accessed folders, files, and databases within the corporate data center. Employees now working outside of the company’s offices can use Virtual Private Networking (VPN) software to securely access the same folders, files, and databases. However, this creates a complex extension of the corporate network to many devices in unknown locations and opens the door to potential security threats.

Virtual Desktop Infrastructure, or VDI, can provide an alternative—and more secure—way to connecting remote devices directly to the corporate network. Applications are moved to centralized servers, which then send desktop images to the end users.

Key advantages over traditional desktops include:

  • Consistent User Experience: Users all access the same operating system and configuration.

  • Reduced Network Exposure: VPNs connect the client computer to the corporate network. Secure VDI clients only connect the VDI client application to the VDI server.

  • Data Stays in Your Control: When a traditional laptop is lost, all data on it may be out in the open. If you lose a laptop only used to access your VDI, you don’t lose any corporate data.

  • Business Continuity Planning: When you have a VDI service and a proper disaster recovery plan for it, keeping users working is much easier in the event of an interruption.

Previously, corporations wanting to offer VDI had to provision a significant pool of computing resources. The servers’ complicated configurations and license fees put VDI solutions outside the reach of many companies. Cloud computing reduced the upfront costs to companies needing computing capacity. In the same way, Amazon WorkSpaces eliminates the upfront cost of VDI and significantly reduces the complexity of implementing it. Companies that have purchased Windows licenses can look at the BYOL option. If your Microsoft License Terms allow it, you can use this to migrate licenses to the Amazon WorkSpaces solution.

The Amazon WorkSpaces client secures its connection to the central service, eliminating the need for additional VPN licenses.

Amazon WorkSpaces Connections

Once WorkSpaces has been configured for the users, they will receive an email with a link to the Amazon WorkSpaces Client Download page and a registration code. The employee needs to download the client—whether it is a Windows, Chromebook, or Mac device—and install it, launch it, and then enter the provided registration code before their first use. The user is then able to use their desktop any time just by logging in.

Now your employee is ready to go at their company desktop. All the company-supplied applications are already installed for the user. They can access the network file shares just as they always have.

Depending on how many employees your company has and how unique their functions and needs are, you can create several “golden images.” Administrators launch WorkSpaces from these “Golden Images,” which contain an installation of the operating system and applications.

WorkSpaces Costs

Amazon WorkSpaces pricing can be a little perplexing. Let’s discuss it in an easier-to-understand way and hope this guides you on when each pricing model works best.

The first pricing model is “Always On.” As the name implies, the workspace is always on and available for users. This results in quicker login times for users, consistent billing for finance, and the ability for scheduled tasks to run as needed. However, “always on” is going to be more costly.

The second model is Hourly Pricing. This model has a monthly base price that covers licensing, management, and storage. There is an additional per-hour price for time when WorkSpaces is turned on. This model is great when you have infrequently scheduled workers or are in the education field.

When reviewing the pricing models, the breakeven point tends to be around 80-85 hours. The specific point varies based on CPU, Memory, Storage, and Windows Licensing. This means that for any full-time employee using their computer every day, Always On is a better choice. Additionally, even part-time employees who are regularly using their computer will likely exceed this breakeven point.

Hourly pricing is an excellent way to do initial testing, configuration, and user training. There are also a variety of different workstation types for standard-to-high GPUs for demanding, high-density graphics and 3D applications. It is also possible to BYOL with WorkSpaces, which will let you use your own Windows 7 and 10 OS.

How to Get Started

Here at ConvergeOne, we have helped many customers with the shift to remote working. We have completed multiple implementations of WorkSpaces and have knowledgeable experts on the subject. If you would like to see a demo or understand how this could help your business, please reach out to us.


Structured Analysis of 75+ Critical Areas Across 10 Domains

  • Holistically assess the current state of the remote workforce against six proven pillars in a sixty-minute structured workshop
  • Comprehensive engagement report provided upon completion

Take advantage of this free workshop and report today.


Topics: Data Center, Cyber Security, Remote Working, Business Continuity


C1  -- C1 is transforming the industry by creating connected experiences that make a lasting impact on customers, our teams and our communities. More than 10,000 customers use C1 every day to help them build meaningful connections through innovative and secure experiences.