Secure environments are at risk from internal threats. The easiest and most pervasive avenue to compromising sensitive information by the internal threat is the availability of data stored on local devices such as hard drives, USB drives, CD/DVDs. The internal threat can download data to the local device, conceal it and remove it from the facility with ease.
The solution: Thin or zero client computing
Thin clients are network-based computing devices that use the resources of servers to store applications and data and deliver them to users without the use of conventional PCs. No data is actually stored on the thin client, all data is stored in secure servers. Individuals who sit in front of thin clients may see a familiar Windows desktop environment that looks and feels virtually identical to that of a traditional PC; thus, no user training is necessary. However, unlike many PCs used in business environments, thin clients are in the complete control of the IT department.
Thin clients have a small footprint Operating System (OS) that provides the functionality to securely connect to servers and display applications for workers. The small amount of software in these devices is why they’re called “thin” clients. There is an opportunity to make the desktop or mobile device even thinner – called a Zero Client. A Zero Client has no local OS pre-installed on the unit. This information is provisioned to the desktop (like a cell phone is provisioned when purchased) when it is powered up, based on the worker’s security credentials in the organization. Zero Clients cost less, and don’t need to be managed, but require more network bandwidth than Thin Clients as the complete OS must be streamed to the Zero Client before boot.
The client does not contain any moving parts, no hard drive(s), no USB connections. It is literally a brick until it is attached to the appropriate network device and a user’s security credentials, either biometric, smartcard or traditional username/pw are presented. Upon successful connection to the network, the user is booted into the thin client solution where his/her OS is running in a secure environment in the facility’s server room. The user does not have any access to local resources on the thin or zero client. Below are attributes of the thin client:
- Supports Microsoft Windows XP Pro, Windows Vista, Windows 7 and Linux derivatives
- Can provision the complete operating environment
- 100% application, peripheral and multimedia support.
- No local storage
- Zero Clients are useless if stolen, no drive, no data
- Used by many Government Agencies globally
Smart card (including HSPD-12) and biometric readers offer secure, automatic identification of users, ensuring privacy.
Directly related to the security benefits is the ease with which many other critical functions can be performed, such as application updates and automatic backups of user data. Because data and applications are not stored on the client devices, everything is available in a single, centralized location, which greatly reduces the effort necessary to complete these tasks.
Tassa Corporation staff has successfully implemented, and continue to maintain, secure thin client solutions for other Government Agencies and would welcome the opportunity to discuss unique secure thin or zero client solutions for your organization.