← Back to Resources Cloud Security

Azure Virtual Desktop (Formerly Windows Virtual Desktop): The Windows Desktop From the Cloud

By Dennis Kionga April 15, 2020 6 MIN Updated: June 14, 2026

Note: Microsoft has since renamed Windows Virtual Desktop to Azure Virtual Desktop (AVD). This article has been updated accordingly; technically and conceptually it describes today’s service.

Distributed work has changed what we need from a workstation: the desktop has to be reachable from anywhere, on any device — without company data ending up on personal hardware. Azure Virtual Desktop (AVD) delivers exactly that: a full Windows desktop running in Azure, accessible from Mac, iOS, Android and HTML5.

The Key Strengths

  • Multi-session Windows. Several users share a single virtual machine simultaneously — with full application compatibility. That cuts the cost per workstation considerably.
  • Native reach from virtually any endpoint, including the browser
  • FSLogix profiles. Containerised user profiles attach dynamically at login — fast sign-in, consistent experience
  • Security via Entra ID. Integration with multi-factor authentication and Conditional Access makes access identity-driven and controllable

Licensing

The decisive cost advantage: organisations with existing Microsoft 365 subscriptions (e.g. Windows Enterprise E3) can use AVD without an additional desktop licence. You then essentially pay for the Azure infrastructure — VM size, runtime, storage and any reservations. That’s also the biggest lever on total cost: correct sizing and a well-considered scaling concept.

What Matters When Securing It

A cloud desktop shifts risk but doesn’t remove it. Three things decide:

  • Identity is the new perimeter. Without MFA and Conditional Access, an AVD login is only as strong as a password.
  • Session hosts must be patched and hardened like any other Windows server.
  • Data egress via clipboard, printing and drive redirection should be governed deliberately by policy.

How Cloud Cape Helps

AVD is rarely an isolated project — it touches identity, network, licensing and security all at once. In our Consulting & Project Management engagements we guide design, sizing and secure rollout; the identity-based protection fits cleanly into a Security Service Edge architecture.

Talk to us about Consulting & Project Management — we bring cloud desktop and security together from the start.