All posts

The 'thin VDI' approach to cut costs and improve developer velocity

@loujaybee's avatar on GitHub
Lou Bichard / Product Manager at Gitpod / May 22, 2025

Learn how Fortune 500 companies are replacing costly, bloated developer VDIs with a secure and efficient alternative for software development: thin VDI paired with Gitpod.

Enterprises with global contractor workforces face the challenge of providing secure development environments without the expense and logistical headaches of shipping hardware. For many security-conscious organizations, VDIs have been the default solution, but at a significant financial and productivity cost.

This post explores how combining a thin VDI approach with developer-first environments deliver not only better security but lower costs whilst ensuring developer productivity.

VDIs are a hard requirement for remote workforces

Before examining alternatives, it’s important to understand why VDIs became the standard solution for enterprises with distributed teams. Virtual Desktop Infrastructure (VDI) enables enterprises to maintain strict security controls while supporting global teams with:

  • Centralized security and access control for environments
  • Controlled code access and prevention of exfiltration
  • Compliance with enterprise security policies
  • Global hardware flexibility without physical shipping

VDIs solve for access, not engineering outcomes

However, while VDIs address security concerns they also create problems when applied to software development. Traditional VDIs create significant pain points for development:

  • Non-persistent environments waste hours on daily setup and configuration
  • Linux-optimized tools struggle in Windows-based environments
  • Video streaming creates slow responses for IDE operations
  • Security scanning consumes resources needed for development
  • Developer-grade licenses cost hundreds per user monthly

While traditional VDIs force organizations into an impossible choice between security and developer productivity, the thin VDI + Gitpod approach finally eliminates this tradeoff, delivering both robust security and effective development capabilities in a single, cost-efficient solution.

Read more: Writing software with chopsticks: the challenges of Virtual Desktop Infrastructure

The thin VDI and Gitpod approach

This approach combines lightweight virtual desktops for secure access but with development environments running in your AWS account, reducing costs while maintaining strict security controls. All development happens still within your secure infrastructure—with no code on local devices—making it ideal for managing global contractors without shipping hardware across borders. Unlike full-size developer VDIs, ‘thin’ VDIs are:

  • More cost-effective (60-70% less than developer VDIs)
  • Easier to manage (no software-specific maintenance)
  • Security-focused (access-only functionality)

Gitpod then provisions development environments which run directly in your AWS account. These development environments are:

  • Purpose-built for development workflows
  • Pre-configured with all required tools
  • Automatically cleaned up after use
  • Customizable via dotfiles
  • Compatible with major IDEs

See Setting up AWS runners for Gitpod and Gitpod can do that? 5 AWS integrations from VPCs to Workspaces for more.

Here’s how the developer workflow looks:

  1. Developers access a thin VDI for basic access control and communication
  2. Gitpod provisions high-performance development environments in your AWS account
  3. For development work, they launch Gitpod environments directly from the VDI

All the while code, secrets, and data remain within your infrastructure, behind your firewall. Despite its sophisticated architecture, implementing Gitpod is straightforward:

  • Deploy a CloudFormation in your AWS account (approximately 1 hour)
  • Configure networking to meet specific security requirements or use defaults
  • Connect to your identity provider and source control systems

Saving costs with the thin VDI approach

Replacing full developer VDIs with thin VDIs paired with Gitpod development environments can significantly reduce infrastructure costs. The savings come from three main sources:

  1. Thin VDIs require substantially less computing power than developer-grade VDIs, typically reducing per-user license and infrastructure costs by 60-70%.
  2. Gitpod development environments operate on a usage-based model rather than dedicated 24/7 resources, eliminating wasted capacity.
  3. Automatic timeout features ensure resources are released when not actively used.

See the pricing ROI calculator to estimate your potential savings.

Thin VDIs and Gitpod in action at a leading financial services company

To see this approach in action, consider the experience of a regulated financial services company that has adopted Gitpod. Before the switch, they struggled with traditional Windows-based VDIs that were fundamentally mismatched with their Linux production environments, creating ongoing compatibility issues. Their security tools consumed nearly a quarter of available computing resources, severely degrading performance for developers.

After implementing the thin VDI + Gitpod solution in their AWS account, they saw immediate improvements. “Security scanners no longer disrupt development flows,” noted their platform lead. “With standardized Linux-based development environments, we’ve eliminated the compatibility gap with production and removed the need for maintaining Windows-specific scripts.”

Likewise, developer onboarding time dropped dramatically. “Previously, setup took a full day of following complex guides. Now it’s just a single click to open Gitpod,” their team explained. The air-gapped installation with private networking connections satisfied their strict security requirements while delivering a vastly improved development experience.

Why you need both: VDI + Gitpod

To successfully enable remote development, especially for contractors, you need both a thin VDI and Gitpod working together. Gitpod isn’t a full virtual desktop—it’s specifically designed for software development. While excellent for coding, testing, and building applications, it doesn’t handle everyday activities like sending emails, browsing the internet, or using communication tools. For these essential business functions, you need a VDI.

However, trying to use a VDI alone for development creates serious problems. VDIs simply aren’t built for software development workflows. Developers quickly become frustrated with performance limitations, incompatible tooling, and constant configuration issues. Companies face spiraling costs as they try to upgrade VDIs to handle development workloads, only to discover the fundamental mismatch remains. You end up with security but developers who can’t effectively do their jobs—defeating the entire purpose.

The combined approach gives you the best of both worlds. The thin VDI provides secure access and supports general business applications, while Gitpod delivers purpose-built development environments that are isolated, secure, and optimized for developer workflows. Each component does what it’s designed for, creating a complete solution that satisfies both security requirements and development needs.

Read more in: A CISO perspective: how Gitpod helps increase developer security without compromising productivity

Frequently asked questions

Is this approach as secure as traditional VDIs? Yes. All code remains in your cloud behind your network with the added benefit of secure short-lived isolated development environments.

How does this work with our existing identity management? Gitpod integrates with SSO and source control access to maintain existing security boundaries.

What if developers need desktop applications beyond development? The thin VDI handles these needs while Gitpod manages development workloads, preventing resource contention.

What if we have specialized development tooling requirements? Gitpod supports Docker containers that your platform team can customize to supporting a range of needs.

How does networking work between environments and internal resources? Gitpod runs in your AWS VPC, allowing you to configure network access according to your security policies without exposing internal resources to the public internet.

Will developers experience latency? Gitpod runs in your region(s) of choice to minimize latency. Gitpod is heavily optimized to reduce any keystroke latency and with normal internet connections the experience has imperceptible differences in latency.

How do we control costs if developers can spin up their own environments? Gitpod includes automatic timeouts to shut down idle environments, environment class limitations, and detailed usage metrics. Organizations can set policies that control which classes are available and how long environments can remain idle before shutdown.

How does this work for globally distributed teams across multiple regions? Gitpod runners can be deployed in multiple AWS regions to minimize latency for distributed teams.

Want to optimize your VDI strategy? Download our comprehensive whitepaper to learn how to enhance your development environment with Gitpod.

Standardize and automate your development environments today

Contact sales Try now for free

Similar posts