Ease of security management is a major factor driving companies to adopt a thin-client computing model, according to a new report from Deloitte LLP.
The statement comes as part of the consulting giant's broad technology forecast for 2010. Another notable prediction that may affect information security professionals is that virtual desktop infrastructures (VDI) are set to challenge the PC in the enterprise. It predicted that by 2015, 10% of the world's workstations will be thin-client devices.
A thin-client computing approach centralises processing power and data storage, and replaces a user's PC with a dumb terminal that is limited to sending keyboard and mouse inputs and receiving screen output.
Paul Hanley, head of technology, media and telecoms security at Deloitte, said that as long as thin-client architectures are implemented properly, they can make it easier to administer security, and they can limit the risk of data leakage.
"One of the key benefits of thin-client technology is that you only have one area to administer; one set of software to keep patched and updated," Hanley said. "That can really keep costs down.
"It can also help prevent data leakage. Most thin-client technology has no local storage, so everything is stored in secure back-end storage devices. It means you can concentrate on securing one or two crucial points. You can also spend more time on rigorous testing, rather than spreading the efforts across a lot of devices."
But thin-client computing can also create new security issues. "There is a danger of putting all your eggs in one basket," he said. "You need to make sure you have sufficient bandwidth in place to eliminate latency on the systems. You must also make sure your connections are appropriately robust. If the connection is cut or broken -- and these things do happen, because roads get dug up, for example -- you need to be sure you have some other mechanism to transfer data."
The Deloitte report acknowledges that thin-client technology has been around for years without managing to dislodge PCs to any great extent, but it argues that several factors are now making it more attractive to organisations, and concerns about bandwidth and unreliable connections can be overcome.
Lower power consumption and lower cost per user terminal are both important factors in a difficult economy where companies are looking to save money. But the report states that the main direct cost savings arise from lower support and maintenance and move-related costs: "New recruits would not need a technician to build and install a PC for them, and human resources could simply hand out a standard thin client as part of the employee orientation. Employees could even pick up a unit from a stationery cupboard. Technical staff would not be required to undertake moves and changes."
The report also points out that with thin-client technology, major software refreshes could be undertaken overnight, with no need to bring everyone's PC back to base. "There would be less need for technical support to fix mechanical failures, as thin-client units have no moving parts." The report continues: "The cost per software and operating system licence could also be lower in a thin-client environment. Economies could be achieved through having a central pool of virtual desktops that are shared between users but only activated when in use. If 10% of users are not using their desktops on any given day, a commensurate reduction in software costs is possible. With a thick-client environment, licences are typically paid for on a per-device basis."
Despite the proven advantages of the thin-client approach, some products may still cause security concerns. Last August, a study carried out by NCC Ltd found that several well-known thin-client products had basic security flaws that could make them vulnerable to DDoS attacks and buffer overflows. It also made the point that firmware in terminals needed to be patched and that some companies might lack the Linux skills needed to manage the devices.