| Apache Guacamole is FLOSS actually, RustDesk as well, while not much known they do offer such service already, Guacamole as a web-desktop, RustDesk as a classic desktop sharing app. But honestly we do not need this paradigm, we do need file sharing and syncing in a classic real desktop paradigm. Remote desktops are a kind of new dumb terminals and mainframe model, useful for people that can't really work remotely. Just as a personal experiment I've tried a different distributed enterprise work model: - employees receive a new desktop at home, not a laptop, empty storage media AND a usb stick with a self-installing ciphered live distro, they get the key from other media, there are various options like "after you get the iron write down the serial on it and we reply back with the key" or direct paper mail and so on; - they mount their work desktop in their own work desk, plug the USB and first boot. The live image auto-install and offer a recovery desktop environment with SSH (reverse proxy) and remote desktop (RustDesk for instance) so in case of trouble they can receive support even at this stage; - they boot their newly installed system and it start syncing relevant data form company servers; - they works locally as much as possible syncing back data to the company as frequent as possible, of course certain dataset can't be locale because of the size etc, but most users do not work on such large/high-bogomips stuff, the rest is typically some WebApp. Local systems are FDE and demand a smart-card and it's pin to log in; - a spare machine can be delivered NBD and similarly deployed, the broken one being FDE can be sent back issueless, data sync avoid the employee running away with valuable stuff, oh, yes, nothing can stop him/her to copy company data and do nasty things with them but... It's not really different in an office. If you can't trust your employee and still need to give them complete usable data there is no IT protection, you can act only at human level. Well, the above is a simple dumb paradigm but the purpose is just showing that: - we need to have IT match company structures/human life - we need to be resilient not creating more SPOF - it can be done with what we already have, it's more a matter of habit then tech |