The most important data to secure is yours. While some industries like to claim their data is more valuable, and some have laws forcing them to be particularly careful, your data security is paramount. You need to keep unauthorized people from accessing or walking off with something that doesn’t belong to them.
Companies already recognize the vulnerability of laptops. One ThinManager customer will let you bring your own laptop into their facility, but on the way out they will literally drill holes through your hard drive. A little over the top? Maybe, but they test nuclear weapons, so it could be a lot worse…
Firewalls are great, but the physical security threat to data needs to be addressed as well. Microsoft tells us that in the first half of 2008 almost two out of five data losses came because someone simply walked off with the records. How many stories have you heard about a missing laptop with sensitive data? Voter registration lists, health records, TSA and military data, even FBI records have all been exposed simply because the data resided on a local machine. These incidents represent literally millions of records. It is the unfortunate truth – PCs and laptops are susceptible to abuse, misuse, security compromises and theft.
Thin Clients are inherently secure because there is no data at all stored on the client. Someone who grabs a Thin Client and bolts out of the building will end up with just the hardware. The Thin Client won’t even be useful without a Terminal Server.
It is not just data that is important. With the threat of viruses, malware and spyware application integrity is threatened as well. Operators frequently have idle time around their work stations, and this unrestricted physical access gives them a great deal of opportunity to tamper with the device. With Thin Clients he may be able to physically destroy the client but he cannot affect application integrity. This is extremely valuable to a company that requires audit assurance or operating security to protect against unauthorized use, deliberate sabotage, or information manipulation. Thin Clients do not provide the access to the system that a PC does, and they cannot be hacked.
The US Department of Energy recognized the security benefits of Thin Client technology. Here is a quote from a 2009 report:
“In addition to energy and acquisition cost savings and reduced environmental impact, the use of thin-clients can significantly enhance the Department’s ability to protect sensitive unclassified information by centralizing cyber security controls. Specifically, thin-clients would have permitted the Department to more effectively implement security vulnerability patches through consistent and timely patch management. In addition, user permissions, such as defining what types of devices (i.e., devices such as flash or portable hard drives) may be connected to the machine, could have been more easily controlled. Industry research has found that thin-client computing has many additional benefits, including more effective management of software licenses and increased reliability of hardware.”
Without question, Thin Clients are a technology that should be investigated for companies looking to protect themselves from many of the threats they are facing today.