Thin-Client and Information Security

Concept of thin-client, which has been around for a decade and half, is back in the limelight with cloud computing gaining considerable popularity and acceptance. It is, therefore, relevant to know how thin-clients aid information security.

Before we get into the security aspects of thin-clients, let us have a quick recheck of what a thin-client is. Typically, a thin-client consists of RAM, CPU and OS like Windows CE or Citrix which is embedded in the flash memory. They do not have hard disks and do not have USB or external storage access other than the central server to which they are connected.

Thin-clients score over fat clients in information security on the following grounds:

1. USB / pen drives / CDs are the major sources of viruses and malware propogation in an organization. By not having CD drives and USB access, thin clients straightaway contribute a lot in virus prevention.
2. Internet connectivity happens through one central location and therefore the network can be secured by securing the device connected to the internet.
3. If at all a virus enters the thin-client, it will reside in the RAM temporarily. When the thin-client is restarted the virus is gone.
4. Centralized anti-virus software deployment is sufficient and thereby results in lower software costs and administration time.
5. Since data is stored in central server, administration of data backup is very easy.
6. Patch management becomes easier as only the central server’s OS / application software needs to be patched up.