Virtual Desktop Attack Vectors

Virtual Desktop Attack Vectors:  When opening the door for an organization to begin to use desktop virtualization in a BYOPC model, one of the biggest advantages can be “endpoint flexibility”:  Allowing users to use the latest and greatest devices to connect to thier desktops.  Does that create a more or less secure computing environment?

Normally, when discussing VDI published securely through an application firewall or SSL-VPN, the thought is that this is a much more secure way of accessing corporate resources as the endpoint is only recieving screen updates and perhaps the occasional print job back to a local printer.

The connection between the end point and the virtual desktop is encrypted…and in some cases…twice…

However, are there other attack vectors to consider?

Key Loggers?  Well, I guess a key logger running on an untrusted device could capture the text of an email…but it’s going to be pretty hard to decipher what’s actually being typed as the user bounces from one applciation to another…but I guess it’s possible.

Video Screen Grabbers?  I haven’t heard of this one yet, but I guess it’s also possible that a virus or malware (this would be the ultimate in SpyWare) could be installed on an untrusted device that could capture the work being displayed on the screen and relayed to another location.  Once again…haven’t seen this one before but I guess it’s possible.

Now, a common response to this type of unsecure behavior occurring on an untrusted device could be countered by implementing some form of end-point scanning, which is pretty available on the commercially available SSL-VPN solutions…however…

…that requires an install onto the remote desktop, where the user may not have the rights to install such a scanner

…that requires the scanner to support the devices that the users are connecting with…and that goes against our desire to support as many devices as possible

…there is a managment effort with maintaining and supporting the scanner definitions

So…here’s my question…

How big of a security risk is something like a screen grabber running on a user’s desktop capturing the display of a remote session and are we missing other potential security risks by allowing end users to use untrusted devices to connect to our VDI systems?