Are cloud-based PCs the future of the enterprise?

Screenshots from two Cloud PC systems
(Image credit: IT Pro)

This article originally appeared in issue 27 of IT Pro 20/20, available here. To sign up to receive each new issue in your inbox, click here

Businesses have accelerated their transition to the cloud over the last two years, shifting everything from applications and services to data storage. The mass shift to remote working also saw companies migrate assets to the cloud 24 times faster than before, according to Synergy Research Group, with enterprise spending on cloud infrastructure services growing by 35% to $130 billion in 2020.

Tech giants have since invested heavily in their respective cloud services, with two of the largest – Microsoft and Google – going so far as to debut a cloud-based operating system (OS). Microsoft launched Windows 365 Cloud PC last year, while Google recently issued its own in the form of Chrome OS Flex.

With businesses stepping up their cloud migration efforts, and reaping the widely-touted benefits, could streamable OSs, beamed into machines through the internet, come to replace traditional terminals across the enterprise?

Windows 365 vs Chrome OS Flex

Microsoft’s Windows 365 is a cloud-based service designed for the hybrid work era that automatically creates a new type of Windows virtual machine (VM) – or Cloud PC – for each user. All Windows 10 and Windows 11 devices are compatible, and the session can even be streamed to hardware running macOS, iPadOS, Linux and Android. You’ll also get access to Microsoft 365 apps like Word, Excel, and PowerPoint.

Microsoft touts its networking performance as being superior to your physical device, too. Because your Windows 365 instance is hosted in a high-performance data centre, you're benefitting from the connection speeds in that data centre rather than that of your on-site broadband connection.

Google’s service, while not as fully-fledged, offers a similarly modern take on VMs. Branded Chrome OS Flex, this streamable OS is designed for businesses aiming to deploy a universal system without splashing out on new hardware. The new OS can be installed on any PC and Mac within minutes, according to Google, and should feel identical to the traditional Chrome OS you’d find on a Chromebook, as it's built from the same codebase.

Google also promises fast deployment and easy management for IT teams, built-in enterprise security controls, and claims, due to the cloud-first nature of the software, devices will boot quickly and won’t slow down over time.

Migrating your desktop to the cloud

Microsoft’s launch of Windows 365, and its underlying platform Azure Virtual Desktop, is a clear signal that streaming Windows from Azure is a modern way to deliver IT services, says Vadim Vladimirskiy, CEO of IT as a service provider Nerdio.

“The overall shift to the cloud, accelerated by the pandemic, supply chain issues, and work-from-anywhere, has greatly accelerated the adoption of desktops in the cloud,” he says. “Desktop is the largest core IT workload that has lagged significantly in transitioning to the cloud behind other popular workloads like email, servers, databases, and applications. Over the next several years, OS streaming will grow significantly as more and more endpoints are virtualised and delivered through the cloud.”

The Windows 365 Switch interface

(Image credit: Microsoft)

Microsoft launched Windows 365 Cloud PC last year

Jason Rees, VP and head of Technology Solution Engineering, EMEA at Oracle, agrees, telling IT Pro cloud-based operating models are the future of IT. “Enterprises need to look for targeted changes like how to drive efficiency or deliver services faster and take advantage of cloud-based operating models to deliver meaningful and specific changes,” he says. “Having the ability to burst up and down as and when needed ensures companies can cope with peaks in demand while not having to pay as they experience lulls. This is a huge benefit for all types of teams and industries.”


Microsoft 365 protection made MSPEasy

The cloud protection solution built for MSPs


Despite the prospective benefits, it’s clear this model won’t work for everyone; on Chrome OS Flex, for example, organisations can’t install any non-web applications. Google and Microsoft’s subscription-based systems not only won’t appeal to all businesses, but many will also suffer compatibility issues with their bespoke systems.

Windows 365 and Chrome OS Flex could offer major benefits to particular industries, however, such as healthcare, where data security is key, according to Scott Orton, senior cloud security consultant at Adarma. “They require heavy control over their desktop environments or can run their operations using entirely cloud technology such as software as a service (SaaS)-based solutions that are delivered through a web browser,” he tells IT Pro. “In both instances, this approach and degree of control make it significantly more difficult for troublesome users to extract data from the business environment.”

Industries in which there’s a distinct lack of IT infrastructure, too, could modernise their IT operations through the adoption of streamable OS, according to David Dudman, COO at Jigsaw24. “With a mere 4/5G dongle in hand, and a laptop under their arm, employees can access their corporate apps and tools with little to no effort through cloud-based OS systems,” he says. “The key element of streaming an OS is that the bandwidth requirements are static and predictable, so excess data charges and loss of connection when using these 4/5G connections can be easily managed.”

A cloud-based OS could also be useful for organisations in which outsourcing is commonplace, explains Dan Coleby, modern workplace product director at Content+Cloud. “Businesses can provide their corporate desktop environment through a cloud-based OS, enabling the outsourced worker to use their own device,” he says. “This not only reduces the requirement to provide devices to outsourced teams; it also allows the business to maintain control over applications and security.”

Integrating security by design

Just as it’s evident a cloud-based OS won’t work for everybody, it’s also clear making the transition won’t be without its challenges. That’s particularly true from a cyber security point of view. Microsoft and Google have both touted the enterprise security credentials of their respective OSs. In practice, however, they’re a challenge to properly control from an information security perspective, Samir Desai, director of managed security services at GTT, tells IT Pro.

Screenshot of Google's cloud-based operating system Flex OS

(Image credit: Google)

Like Microsoft's Cloud PC, Chrome OS Flex has been developed with hybrid work in mind

“They’re not always fully visible to the teams responsible for controlling company data security,” he explains. “CISOs, therefore, need to optimise their security posture to accommodate for this potential additional threat surface. The answer lies in considering incorporating a security concept called Cloud Access Security Broker (CASB) services, which is a key component of the Secure Access Service Edge (SASE) framework. CASB is a function that either sits in the path of cloud-destined traffic, or receives firewall logging information relating to cloud resource access, and uses this information to build a clearer picture of the cloud resources in use by all users. It also permits direct enforcement of IT policy around access to, and from, data that may be stored in different cloud applications.”

Businesses embracing a cloud-based operating system for their IT estate need to embrace a zero trust approach to security to ensure that workloads remain protected, Vladimirskiy adds. “Zero trust is the cyber security buzzword of the day, and for good reason. With cloud-delivered IT resources, there’s no longer the concept of network perimeter and all workloads need to be protected all the time. Fortunately, Cloud PCs are inherently a zero trust native service. This is because Cloud PCs are integrated deeply into Microsoft's identity service – Azure AD – which is all about zero trust principles.

“Migrating users from physical endpoints to cloud desktops tends to improve an organisation's security posture by enabling zero trust, reducing the surface area of attack, and giving admins an easier way to monitor and remediate any issues that may come up.”

Carly Page

Carly Page is a freelance technology journalist, editor and copywriter specialising in cyber security, B2B, and consumer technology. She has more than a decade of experience in the industry and has written for a range of publications including Forbes, IT Pro, the Metro, TechRadar, TechCrunch, TES, and WIRED, as well as offering copywriting and consultancy services. 

Prior to entering the weird and wonderful world of freelance journalism, Carly served as editor of tech tabloid The INQUIRER from 2012 and 2019. She is also a graduate of the University of Lincoln, where she earned a degree in journalism.

You can check out Carly's ramblings (and her dog) on Twitter, or email her at