Grafvision - Fotolia
Most thin client devices don't require malware protection, but PCs repurposed as thin clients do.
There is a huge variety of VDI thin client hardware on the market, and these devices have widely varying capabilities, but as a general rule thin clients are not extremely susceptible to malware. It's usually not worth an administrator's effort to add malware protection to these machines.
However, some organizations repurpose old desktop PCs for use as thin clients, and admins should add malware protection on those. Repurposed PCs often run a desktop operating system with a hardened security configuration and connect directly to a virtual desktop session. These devices are configured not to run software locally, but it is still technically possible for malware to infect a repurposed desktop. Malware on these types of thin client devices can also attack hardware redirection or hardware drivers, which might, for example, inject a key logger onto the device.
Of course, many organizations use traditional thin client hardware from vendors such as Dell Wyse and HP Inc., which typically consist of little more than a small plastic case with ports for the keyboard, mouse, monitor, network and power supply. These types of devices do technically contain an operating system, but the OS is designed to have an extremely minimal footprint and is not easily exposed to or exploited by malware. Most organizations do little, if anything, to protect the OS on traditional VDI thin client devices.
If they really need to, administrators can gain root level access to a thin client's OS and install antimalware software if the device has sufficient capacity. In most cases, repurposed PCs with a thick operating system are the only type of thin client that admins can add antimalware protection to.
By and large, thin clients don't really need malware protection because the odds of malware being able to reach and infect them are very low.
Guide to choosing and managing thin clients
Test your knowledge of VDI hardware
Use Citrix XenClient to change a PC to a thin client
The basics of mobile thin clients
Dig Deeper on Virtual desktop management
Related Q&A from Brien Posey
Your organization could accomplish Microsoft Exchange backup with native protection or through third-party offerings. It all depends on what you are ... Continue Reading
Edge data storage backup has become a key component of data protection plans. File sync-and-share software can complement this important backup ... Continue Reading
Some older file formats continue to find life in the enterprise decades after they were developed for their versatility -- in certain situations. Continue Reading