Coder + Island: The Modern Alternative to VDI for Developers

For years, companies have struggled with how to provide easy access to developer environments while also keeping their code bases secure. And while Virtual Desktop Infrastructure (VDI) was a practical solution at its outset (and the best available to IT teams at the time), today the laggy user experience has become especially frustrating for devs whose sole purpose is to build and ship as quickly as possible.

Used together, Coder and Island provide a secure and flexible alternative to VDIs that prevent source code exfiltration even at the critical “last mile” (i.e., a developer’s machine). In this article, we’ll discuss how VDI falls short in terms of both cost and developer experience — and how Coder and Island boost dev productivity without compromising security.

The problem with VDI for developers

Many businesses are becoming technology companies regardless of their core business. That means innovation in the company begins with the software engineer or developer. 

This has many enterprises wrestling with how to keep their software code — critical intellectual property — from falling into the wrong hands. One traditional solution has been VDI. In a VDI setup, developers write, test, and deploy code by logging in to a remotely hosted desktop. 

The advantage of using VDI was that all company source code was locked down to centrally managed machines. If a developer lost their laptop or someone hacked into it, intruders wouldn’t find any source to steal.

Unfortunately, VDI was never built to support a software development workflow. Developers who use them often complain about a laggy or unresponsive experience when typing into text editors.

Additionally, VDIs are often run on ephemeral Windows instances. Developers, however, need a persistent environment to save their work in progress. This results in lost time spent  re-architecting and re-engineering environments from a VDI backup.

Finally, VDI environments for developers are costly: 

• They take a lot of time to build and maintain
• They usually come with expensive licensing costs (Windows + associated software)
• They chew up compute costs, as they’re dedicated virtual machines that typically need to run for 20–24 hours daily

Create secure dev environments on demand

Together, Coder and Island offer an alternative: An enterprise browser combined with a cloud-native development environment hosted inside your enterprise network. 

With Coder, you can provision Cloud Development Environments (CDE), deploying lightweight, secure, and resource-efficient environments to your engineering fleet within minutes. Coder uses role-based access control (RBAC) to segment engineers and restrict access solely to their approved projects, and Terraform-driven Infrastructure as Code (IaC) to deploy dev environments to your own internal or cloud networks at scale. Coder serves as the front door to your dev environment and other development services, whether that be GitHub, GitLab, JFrog, Artifactory, etc. 

Island is an enterprise browser that offers a lightweight alternative to VDI while providing all the same security controls — all packaged inside of a familiar browser experience. After installing the Chromium-based Island browser on their corporate laptops, devs can connect securely using Single Sign-On (SSO) to their Coder environments. 

Using Island, your company can control every element of the last mile of data security. This includes restricting copy/paste, screenshots, screen sharing, downloads and uploads, and any other way someone might export data from a browser. 

The benefits of using Coder and Island over VDI

Who benefits from a move to Coder and Island? 

In short, everyone in the software development organization. Together, Coder and Island deliver a premium developer experience that addresses the core issues created by legacy VDI technologies.

For developers:  By eliminating the overhead of a VDI connection, Island provides a better user experience for developers while also providing more fine-grained controls for the security team. The result is a powerful one-two combination that keeps code secure while boosting developer productivity. 

For platform engineers: Coder is a scalable solution for onboarding developers no matter where they work. Using Coder, you can support a geographically distributed workforce with low latency via localized proxies.

Coder also keeps your code securely accessible within your own networks (e.g., via an internal address like coder.corp.com), keeping data off the public internet. Additionally, since Coder environments are containerized and deployed at scale using Kubernetes, you can leverage the most cost-efficient compute.

For CISOs: Traditionally, security teams have relied on expensive and clunky VDI solutions to secure data at the developer’s terminal. The Island enterprise browser provides a lighter-weight, modern alternative for last-mile data security that doesn’t create a drag on engineering workflows. 

Island and Coder removes source code from the local machine. Island’s comprehensive exfiltration controls prevent removing data via copy/paste, drag/drop, and all other known export methods. CISOs can prevent the escape of source code and sensitive data at the browser level. 

Island also makes it easy to connect directly to internally hosted Coder instances using Island Private Access. Private Access works with an organization’s Zero Trust Network Access (ZTNA) technologies to provide direct and secure access to privately hosted resources without using expensive and unreliable VPN connections.

For CIOs: Coder and Island enable the enterprise to reallocate its budget to accelerate innovation instead of wasting its money on VDI licensing and infrastructure costs. 

Demo: how Coder and Island  work together in practice

Let’s dive into how this works in practice — specifically, how Island protects code within Coder environments at the last mile. (You can also see this demonstration live.)

First, we use the Island enterprise browser to connect to a Microsoft Azure-based deployment running on Kubernetes inside our corporate network. We’ve logged in with SSO via Azure Active Directory with our user group already synced with Coder.

‍

‍

The Integrated Development Environment (IDE) here can be either the Microsoft version of VS Code Server running or Coder’s open source fork of VS Code, both of which run inside of the browser. 

(Organizations can choose which IDEs developers can access. The Coder fork of VS Code, code-server, is a version of VS Code optimized for Web usage; it hosts its own extension marketplace, supporting up to 95% of the extensions you’d find in standard VS Code. However, Coder isn’t opinionated here and supports a wide range of IDEs.) 

As we open some code, we’re prompted to sign into GitHub Copilot, which delivers Gen AI-powered coding assistance. So you can see here how Coder and Island provides a secure platform for accessing productivity extensions within your dev env.

‍

‍

Flexible last-mile protections

If we try to copy this line of code here, Island will tell us that cut and copy is disabled. However, on a different screen, we copied some code relevant to the projects we were working on. 

In other words, we can paste code into the environment — e.g., from a Stack Overflow post —  but can’t copy code out of it. You have a lot of flexibility here in what controls you implement and how. 

‍

‍

Another example of last-mile protection is file downloads. Here, we attempt to download a Golang file but the Island browser blocks it. 

‍

‍

Again, Island offers powerful dexterity here. You can implement different rules based on the file extension and even scan for particular lines of code that might be sensitive to the business. You can, for example, implement a regular expression that allows the download to proceed if it doesn’t match. In other words, you can tailor Island to the specific needs of the business and also provide a good developer experience. 

You can also control the download destination. For example, you can permit downloads only to a corporate Office 365 OneDrive, a DropBox account, a corporate file mount, or a cloud storage location dedicated to that user. 

One question that often comes up is, “Can’t you work around this by accessing Coder in another browser?” To thwart this, you can set a conditional access policy — here, we set one in Azure — that prevents accessing Coder through any browser but Island. 

This funnels the entire dev experience through Island. It even opens the door to implementing a Bring Your Own Device (BYOD) approach so that your third-party contractors can access dev envs securely on commodity hardware. You can even specify base criteria for BYOD clients, such as endpoint security. 

Administration and monitoring

Island also provides an administrative interface your system administrators can leverage to monitor usage. Here, we access our Island tenant, where we can see all of our Coder Prod instances that are currently running.

‍

‍

An administrator can click through and view the specific events that occurred within a Coder instance. In each individual instance, we can see details we’d never see on a network capture: 

• Web navigation, clicks, save events, print events, screenshot attempts
• API and background calls that happen between clicks and navigations
• Whether clients are compliant - i.e., that they have disk encryption enabled, they’re using up-to-date endpoint protection, etc. 

In other words, not only can you control all of these elements, you can log them as well. You can even adjust the logging to afford users personal privacy — e.g., removing certain details from the logs if the user accesses a personal Gmail account. 

Coder and Island: the Future of Dev Environments

Coder enables provisioning and deploying fully configured, lightweight developer environments within your private networks. By coupling the Island enterprise browser with Coder, you can implement flexible code protection rules and device security requirements without sacrificing developer experience. 

The result is a win-win for both developers and the company. Developers get immediate, low-latency access to full dev environments from anywhere. Your company, meanwhile, will enjoy increased developer productivity and a more secure code base — all at a significantly lower price point than a traditional VDI solution.

To learn more about how Coder and Island work together to boost developer productivity and code security, watch the full, on-demand demo.

‍