loader image

Q&A: The new face of security – Thin & zero clients

Patricia C

The first thin client was introduced more than 20 years ago to address the cost, complexity and security challenges of non-traditional work environments. Today, the use cases for thin clients are only growing, as IT teams struggle to simplify their management processes, and companies place more focus on security than ever before.

Thin clients remain the most reliable, easiest-to-manage, most energy-efficient and highest-security endpoint option available and are the driving force behind virtual desktop infrastructure (VDI), a common enabler of today’s mobile workforce. To make this technology even more appealing and accessible, the cost of VDI is dropping.

All of these conditions have led to a growing adoption of thin clients among industries that might never have considered this technology, or been able to afford it, in the past.

1. What key benefits can businesses expect from deploying thin clients?

Thin clients are typically implemented to address organisations’ growing need for security and to control data centrally without creating more complexity for IT teams. As no data resides on the endpoint, thin clients are inherently secure as end users can access and use the data while it resides securely in the data centre.

It is also easy for IT to manage and deploy thin clients. The image can be deployed to hundreds or even thousands of thin clients through a centralised management pane, as opposed to traditional endpoints that have to be imaged and deployed individually.

Finally, thin clients are cost-effective for organizations. Because thin clients have limited components and no moving parts, they have a long lifecycle – about six to eight years on average – and a less than one per cent failure rate, which is about four times better than other options. They are also very power efficient. Wyse zero clients use about 90 per cent less energy than a standard PC, while traditional thin clients use as little as one-seventh the power of a standard PC.

2. Are there specific industries that are adopting thin or zero clients over others?

The use cases for thin and zero clients are expanding due to a variety of factors: the workplace is evolving – people are working on multiple devices from multiple locations, and at the same time, security has never been more important as cyber threats continue to grow. The cost and complexity of VDI has been decreasing steadily, while the performance and positive user experience has been progressively increasing.

With the lower costs of thin clients, many industries that need to provide additional mobility to their workers find that they can provide a thin client and a tablet device at the same cost as a new desktop.

VDI adoption has traditionally been the domain of highly regulated industries, and one sector where we’re seeing rapid adoption is healthcare. Doctors are using their own devices to access electronic medical records (EMR), whether they’re in hospitals or medical offices or on call. The nursing and clinical staff need to access these EMRs as well, so there is a need to maintain data integrity, security, and the flexibility for a number of healthcare workers to access the same file from multiple locations. Compliance regulations such as HIPAA require that the right controls are in place to ensure patient confidentiality and the security of those files. VDI is a particularly powerful solution in this environment because, in essence, it turns user devices into simple screens and keyboards for the server-based applications, keeping the data in one centralized location.

A prime example is the Watershed Addiction Treatment program, which used its private cloud and VDI technology to provide six-second access to EMRs. This helps medical staff collaborate across multiple locations as expeditiously as if they were at the same site. While Watershed’s old system was slow and unreliable, employees can now work securely and productively from various locations on a variety of devices.

3. Do you see security playing a larger role in thin client adoption?

Absolutely. The desire to ensure the highest level of security, while simultaneously alleviating the burden on IT departments, is making thin clients an appealing option for many organizations, not just those in highly regulated industries.

Recent research from Freeform Dynamics highlighted the growing appetite for the inherent security of thin clients, demonstrating that businesses are beginning to integrate thin and zero client solutions more widely into their overall IT strategies. The report showed that 69 per cent of business leaders believe the improved security associated with thin and zero clients is a significant benefit to their organization, while 70 per cent say these solutions have a natural role to play in a modern corporate environment.

Further, businesses are looking for solutions that don’t burden finite IT resources, and are increasingly investing in solutions that can remain completely secure throughout their lifespan without the need for constant updates.

4. What makes thin and zero clients more secure than traditional PCs or laptops?

The difference between a thin or zero client and a traditional PC or laptop is that with thin and zero clients, no data resides on the endpoint.

Today, 95 per cent of all security breaches start on just one endpoint, so a virtual desktop environment where the apps and data reside centrally in the server can significantly reduce the risk of data loss or theft, malware and ransomware attacks.

5. How do thin and zero clients maintain data integrity without compromising IT control and security?

Thin and zero clients are inherently secure. They enable IT departments to centrally control and manage the data, as it resides in the datacenter and is accessed remotely on the endpoint but does not ever reside there.

This also helps maintain data integrity as the data itself stays in one place, even when accessed remotely by several people. Issues like version control when multiple people in remote locations are accessing files, for example an engineering firm with employees in the field, are therefore mitigated. Work from home becomes easier as well, since workers can use a thin client for work, while the family shares the PC for personal activities. This prevents the need to share a single device, and ensures that software loaded onto the PC by family members does not affect the security of the work activities.

6. Why do zero clients provide a superior level of security, and what does a zero attack surface mean?

Zero clients give customers an even higher level of security because nothing is stored on the device itself, and the brains of the device is simpler and easier to protect. Whereas traditional PCs maintain surfaces where threats can take hold – for example operating systems, CPU or memory – zero clients don’t include common target operating systems like Linux or Windows, making the endpoint virtually impenetrable to device or network-borne attacks.

This is what is meant by the term zero attack surface – there is nothing for malware to attack. Valuable data is instead securely stored in the datacenter and is streamlined to users through encrypted protocols.

7. With cybercriminals becoming more sophisticated, is it safe to assume that thin clients will become a bigger target?

Thin clients offer far fewer opportunities for cyber criminals, but that does not mean that they’re 100 per cent immune from those determined to get in.

Although data does not reside on the edge with a VDI solution, it is still possible for malware to infiltrate a network through a locally accessed web browser, USB stick or other locally connected peripheral devices. To prevent security attacks, organizations should ensure that all endpoints, especially those with a popular and well understood OS like Windows or derivatives, incorporate specific security solutions that offer advanced threat protection capabilities – some effective solutions have recently become available.

That said, the majority of cybercriminals will look for the path of least resistance – the unpatched software, the employee who falls for a phishing scam – and thin clients provide much greater protection, and therefore are in themselves a deterrent from the crimes of opportunity.

8. Where do you see the thin client market heading in the next five years?

We expect to see increased adoption of thin clients and VDI outside of regulated industries, particularly in the mid-markets. The greater accessibility and ease-of-use of VDI appliances will help mid-size businesses adopt VDI in a way that is easy to deploy and can scale cost-effectively from 75 to 5,000 seats. We also see use cases for the thin client concept emerging as IoT display devices – more on this to come.

There’s no doubt that companies will also continue to put greater emphasis on security and simplicity in order to support business initiatives, and VDI is poised to meet those needs in a manageable and affordable way.