From a security standpoint, the primary advantage to using thin client or zero client devices for desktop virtualization...
is that they prevent end users from having direct access to the endpoint operating system.
End users and network endpoints represent the biggest security vulnerabilities associated with traditional client/server computing. We have all dealt with, or at least heard stories of, end users installing unauthorized and potentially infected software onto their desktop PCs, deleting system files, copying sensitive data to removable storage devices, or perhaps falling victim to a malicious website. These problems typically go away -- or are greatly reduced -- by using thin clients or zero clients.
Thin clients are endpoint devices with limited storage and computer processing capabilities that function through a network connection to a serer in the data center. Zero clients take it one step further and don't include any local storage. On typical thin clients or zero clients, users do not have local access to the desktop OS and are not able to install software from or copy sensitive data to removable media. These types of devices often don't include USB ports, making the use of removable media impossible. Thin client devices are also generally resistant to tampering, so the odds of the device becoming infected with malware are very slim.
Although thin client vendors such as Dell Wyse advertise "virus-immunity," using a thin client device does not completely mitigate the risk of malware infection. For example, if a user visits a malicious website, an infection is still possible, but it would affect the virtual desktop OS rather than the thin client. Thin client devices never make direct contact with the malicious website, so they're not vulnerable to infection.
Thin clients and zero clients do have their drawbacks compared to thick desktop PCs, but security isn't one of them.
Choosing and managing thin clients
Zero client vs. thin client comparison
The basics of mobile thin clients
Zero client buying guide
Dig Deeper on Virtual desktop infrastructure and architecture
Related Q&A from Brien Posey
Your organization could accomplish Microsoft Exchange backup with native protection or through third-party offerings. It all depends on what you are ... Continue Reading
Edge data storage backup has become a key component of data protection plans. File sync-and-share software can complement this important backup ... Continue Reading
Some older file formats continue to find life in the enterprise decades after they were developed for their versatility -- in certain situations. Continue Reading