Evaluating Thin-Client Security in a Changing Threat Landscape
Intel IT’s security team continually analyzes our computing model to determine how it needs to evolve in response to an ever-changing threat landscape. Recent cyber attacks on a number of high-profile targets provided added impetus to re-evaluate the security offered by thin-client models and whether using thin clients could help defend against similar attacks.
We identified five attributes that are often perceived as security benefits in thin clients: prevention of physical data loss, removal of administrative privileges, limitations on installed applications, client integrity, and ability to roll back to a known good state.
We determined that while these controls can contribute to a more secure environment, they would not have prevented the recent cyber attacks from being successful.
Furthermore, we also observed that these controls are not unique to thin clients: Equivalent controls can be, and are, implemented on PCs—without giving up the functionality that is sacrificed with the thin-client model. Where such controls have not been implemented holistically on either thin clients or PCs, the reason is often because they place unacceptable restrictions on user productivity, not because of the client architecture.
We also considered other restrictions and costs of thin clients, including the inability to support mobile computing, highly interactive or compute-intensive applications, and rich media such as video. Thin clients also require significant additional server capacity and network bandwidth. Some thin-client models can also increase the risk of business disruption if an outage occurs within the central network resources upon which the thin client depends.
Read the full Evaluating Thin-Client Security White Paper