Data Loss Prevention for Thin Clients
Protect data on Terminal Servers and prevent data loss in Thin Client environments.
Thin Clients present clear benefits like reduced total cost of ownership, simplified security, increased productivity, and they are used in various verticals, from education and finance to healthcare. According to research company IDC, by 2018, Thin Clients are expected to reach 7.8 million units shipped worldwide. Security professionals consider them more secure because they do not have storage capacity and everything they are accessing and storing resides on Terminal Servers. However, there are Thin Clients that have USB ports, making data transfers possible. Additionally, if users have access to the Internet on the Terminal Server, there is the threat of sending confidential files to the cloud.
Protecting data on Terminal Servers and preventing data loss in Thin Client environments is as important as it is on fat clients (personal computers). IT Administrators must make sure that they enforce control on the use of portable storage devices and filter data that is being copied / uploaded to cloud storage and other online applications.
The IT infrastructure in Thin Clients environments is simplified, with a terminal server that fulfills tasks like data processing and storage, acting as a host, and the thin clients. These are light machines, with no hard disk and limited power compared to classic computers or so-called fat clients. Thin clients can run on Remote Desktop Protocol (RDP), Virtual Desktop Infrastructure (VDI) or other protocols.
How DLP for Thin Clients Works
Thin Clients present benefits like reduced total cost of ownership, simplified security, increased productivity, but while the advantages are pretty clear for the IT professionals, there are factors that could represent a threat even in this type of model. With Endpoint Protector DLP, data loss risks are minimized, filtering and stopping data transfers from Terminal Servers to the cloud or to portable storage devices.
In networks with an Internet connection and access to cloud-based apps, employees will most likely use applications like Google Drive, Dropbox, web-based e-mail accounts and others. These help them perform their tasks easier and faster, so they should not be banned, but rather controlled in terms of what files are being uploaded to stop sensitive data getting in unwanted environments.