From a security standpoint, the primary advantage to using thin client or zero client devices for desktop virtualization...
is that they prevent end users from having direct access to the endpoint operating system.
End users and network endpoints represent the biggest security vulnerabilities associated with traditional client/server computing. We have all dealt with, or at least heard stories of, end users installing unauthorized and potentially infected software onto their desktop PCs, deleting system files, copying sensitive data to removable storage devices, or perhaps falling victim to a malicious website. These problems typically go away -- or are greatly reduced -- by using thin clients or zero clients.
Thin clients are endpoint devices with limited storage and computer processing capabilities that function through a network connection to a serer in the data center. Zero clients take it one step further and don't include any local storage. On typical thin clients or zero clients, users do not have local access to the desktop OS and are not able to install software from or copy sensitive data to removable media. These types of devices often don't include USB ports, making the use of removable media impossible. Thin client devices are also generally resistant to tampering, so the odds of the device becoming infected with malware are very slim.
Although thin client vendors such as Dell Wyse advertise "virus-immunity," using a thin client device does not completely mitigate the risk of malware infection. For example, if a user visits a malicious website, an infection is still possible, but it would affect the virtual desktop OS rather than the thin client. Thin client devices never make direct contact with the malicious website, so they're not vulnerable to infection.
Thin clients and zero clients do have their drawbacks compared to thick desktop PCs, but security isn't one of them.
Choosing and managing thin clients
Zero client vs. thin client comparison
The basics of mobile thin clients
Zero client buying guide
Dig Deeper on Virtual desktop infrastructure and architecture
Related Q&A from Brien Posey
Bloatware isn't just annoying -- it can negatively affect OS security, for example. Find out ways to get rid of Windows 10 bloatware once and for all... Continue Reading
Is your Google data protected? Make sure you are backing up G Suite files, because Google doesn't provide the comprehensive protection you'll need to... Continue Reading
Hyper-converged systems, like any other, require data protection. We describe using RAID and erasure coding for hyper-convergence to help you pick ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.