Grafvision - Fotolia
Most thin client devices don't require malware protection, but PCs repurposed as thin clients do.
There is a huge variety of VDI thin client hardware on the market, and these devices have widely varying capabilities, but as a general rule thin clients are not extremely susceptible to malware. It's usually not worth an administrator's effort to add malware protection to these machines.
However, some organizations repurpose old desktop PCs for use as thin clients, and admins should add malware protection on those. Repurposed PCs often run a desktop operating system with a hardened security configuration and connect directly to a virtual desktop session. These devices are configured not to run software locally, but it is still technically possible for malware to infect a repurposed desktop. Malware on these types of thin client devices can also attack hardware redirection or hardware drivers, which might, for example, inject a key logger onto the device.
Of course, many organizations use traditional thin client hardware from vendors such as Dell Wyse and HP Inc., which typically consist of little more than a small plastic case with ports for the keyboard, mouse, monitor, network and power supply. These types of devices do technically contain an operating system, but the OS is designed to have an extremely minimal footprint and is not easily exposed to or exploited by malware. Most organizations do little, if anything, to protect the OS on traditional VDI thin client devices.
If they really need to, administrators can gain root level access to a thin client's OS and install antimalware software if the device has sufficient capacity. In most cases, repurposed PCs with a thick operating system are the only type of thin client that admins can add antimalware protection to.
By and large, thin clients don't really need malware protection because the odds of malware being able to reach and infect them are very low.
Guide to choosing and managing thin clients
Test your knowledge of VDI hardware
Use Citrix XenClient to change a PC to a thin client
The basics of mobile thin clients
Dig Deeper on Virtual desktop management
Related Q&A from Brien Posey
Although several newer tools are available, Microsoft roaming profiles is a simple and time-tested way to manage a user's profile across physical and... Continue Reading
SaaS application backup is increasingly prevalent, and for good reason -- it's critical for ensuring data protection. These five guidelines will help... Continue Reading
Admins may need to open the BIOS or UEFI interface to change BIOS passwords on Windows 10. This process isn't too complex, but IT pros should follow ... Continue Reading