CloudJumper Blog

CloudJumper Keeps End Users Safe From Meltdown and Spectre


Don’t worry – thanks to our many layers of protection and security best practices, the Meltdown and Spectre flaws won’t put CloudJumper partners’ end customers at risk.

Often these days, poor IT security comes down to something like human error, and lack of awareness on the user’s part. It’s less often that there’s a widespread design flaw discovered in the technology itself, as is the case with the Meltdown and Spectre flaws.

The Register published an article last week detailing how every Intel processor produced over the course of the last decade is affected by a design flaw that would allow malicious programs to access and read what should otherwise be protected areas of a device using an Intel processor. Since then, the flaw has expanded to ARM processors as well and has taken the names Meltdown and Spectre.

What does this mean for Intel and ARM users? This flaw could allow cybercriminals to access valuable information and steal company data, install ransomware and demand bitcoins, and generally wreak havoc. It’s possible that something as simple as JavaScript on a webpage or a cloud-hosted malware could penetrate the most interior levels of an Intel or ARM-based device.

What’s more, a foundational flaw like this can’t be patched with a simple, everyday update – the problem is in the hardware, which means it needs an OS-level overwrite for every single operating system (Windows, Linux, and macOS).

Even worse, many experts are painting the extent of the issue with a broad brush, claiming that it will put cloud-based businesses at even greater risk than those with traditional IT infrastructures – that’s not necessarily true, depending on the type of cloud solution you’re using.

Let’s Set the Record Straight: DaaS vs WaaS

We talk a lot about the difference between DaaS and WaaS, the difference between putting the pieces together yourself versus marketing our turn-key WaaS solution that we have been developing and improving for more than 18 years. 

When a CloudJumper partner brings us a new end customer for our Cloud Workspace®
Workspace as a Service (WaaS) solution, we manage every single layer of the stack, including, very specifically, the security layer.  We take security very seriously, and after 18 years of working in the cloud, we know what are doing.  Yet, we continue to evaluate our security measures every day, always improving them.  That is why our partners’ end customers were safe when the WannaCry ransomware threat hit last spring, and that is why they are now safeguarded against Meltdown and Spectre. 

Desktop as a Service (DaaS) is not turn-key!  As an MSP attempting to build your own DaaS solution, putting all of the pieces together yourself, isn’t just tough, it is fraught with unseen landmines, especially when it comes to security.  This is where it becomes critical, because doing it just good enough is doing it horribly, and it will cause your customers to have a security breach. 

It may work well enough for a while, but eventually, threats like Meltdown and Spectre come along.  Building your own DaaS solution means you will oversee a combination of vendors who will most likely point a bunch of fingers at each other and put the onus on you to figure out why your end customer no longer has access to critical company data or why they are being asked for $200,000 in bitcoin to regain access to their network.  It will happen…are you prepared? 

Let’s consider how seriously we take the security of our Cloud Workspace®
solution. We maintain comprehensive layers of security and best practices that keep our partners and their end customers safe from threats like Meltdown and Spectre.  Our multiple layers of safeguards include:

  • Security Solutions | Intrusion Detection Systems, anti-virus software and other multi-layered security tools are used at all CloudJumper access gateways to minimize any attack vectors and threat exposure.
  • End User Security | End users don’t have admin capabilities by default, which means they can’t accidentally execute malicious code or software as a part of a cybercriminals’ social engineering scam.
  • Password Protection | Our password policy ensures that users have strong, complex passwords. We also offer Two Factor Authentication so that in the event a password is stolen, the user will still need to authorize any login attempt through their mobile device personally.

This all may sound like basic, “common sense” security, and in a way, it is. What makes CloudJumper and WaaS different — and more secure — than other cloud providers is that WE manage these multiple levels of security for our partners and their end users, ensuring a comprehensively secure cloud workspace from the top down.

Furthermore, another of our best practices is to ensure that any exploits — even those that would be eliminated by our multiple layers of security — are properly patched, which we’re currently completing with our partners and IaaS locations across the country.

By now, I think you get it: CloudJumper takes security seriously. In addition to storing our partners’ file applications and other data in world-class data centers, we also follow proven best practices to ensure our many clients are kept safe. Remember the WannaCry epidemic from last summer? As per our regular maintenance practices, we had patched the vulnerability in question long before WannaCry hit, which meant that as thousands of organizations around the world reeled from the attack, each and every one of our MSP partners and their many end users were 100% protected long before it even started.

The fact is that, by now, you already know if you’ve made the wrong choice when it comes to cloud computing. When news about the Meltdown and Spectre flaws broke, did you panic? Did you worry about your DaaS solution and the customers you have deployed on it?  Were you less than satisfied with vendors’ responses? Don’t let it happen again – start working with CloudJumper today to see all the benefits (security and otherwise) that come with Cloud Workspace®.


Reach out to the CloudJumper team today at or (844) 645-6789 to learn more about our security best practices and how they will keep you and your end users safe. Follow us on social media: Twitter | Facebook | LinkedIn

Why We Blog

At CloudJumper, we are a team of thought-leaders, always seeking to answer, what if? That’s how we came to build the industry’s most robust and easiest VDI/WVD orchestration & management tool.

We seek to bring that same energy to our blog. Weekly, team members from across our company come here to share their thoughts, opinions, and observations about what makes the cloud go. Want to add your own opinion?

We’d love to hear from you! And please remember to share our postings.