Data theft is increasingly making the headlines - and making businesses nervous. High profile organisations including The Eden Project, Verisign and Pfizer have all recently fallen foul of lost or stolen data, not to mention Nationwide, which was forced to admit that 11 million of its customers could be at risk of identity theft as a result of just one stolen laptop.
Lost, stolen or hacked laptops compromise individuals and businesses alike because of the valuable data they contain. Saved on the hard drive can be anything from customer or employee records to confidential presentations or sales figures.
Research firm Dynamic Markets has estimated that the average value of material saved onto a laptop is around £450,000 - around 700 times the cost of the laptop itself. Even if the data is not eventually used with malicious intent that's still a lot of money to be carrying around unprotected.
Aside from the straightforward cost of replacing the lost information, allowing data held on a laptop to be compromised can carry significant costs in terms of regulatory fines, not to mention reputational damage.
The US-based Ponemon Institute has discovered that in total each incident of data loss is likely to cost up to £2.5 million in direct costs, and UK legislation, such as the Data Protection Act, includes serious penalties for companies found breaching privacy codes.
If California's Data Breach Law is implemented in the UK, as called for in the House of Lords recently, organisations will also be required to fully disclose any loss of data which will increase the cost to businesses’ bank balances and brand.
So what can organisations do to protect their laptops and specifically the valuable data they hold? In a traditional laptop PC environment software such as Microsoft Office runs on the desktop as well as a large amount of corporate data stored for easy access while working remotely, or to protect it from being viewed by other users.
To keep this information safe a number of security measures can be taken including the installation of firewalls and passcode access, encryption of the material or by embedding a 'kill switch' that automatically disables the machine or software if it is compromised. The problem with these tactics, however, is that they are simply not robust or flexible enough to withstand the endless variety of dangers lurking in the ever-changing threat environment.
A growing number of organisations have turned to using thin clients and server-based computing as an alternative to traditional PC laptops. This is the architectural opposite of traditional PC environments where information is saved directly to the desktop.
With server-based computing using thin clients, employees can access the same applications, with the same look and feel, as with PCs, but all applications and data reside on centralised servers where they can be closely and more easily managed by IT staff.
All external connections - through email and the internet, for example - occur at a centrally controlled and managed location. Thin clients, therefore, present no risk of data theft because the users' data is stored centrally so the device is of no use once disconnected from the network.
This greater security is the major reason that sales of thin clients are growing at a rapid pace around the world - IDC predicts that the number of thin clients shipped will more than triple between 2005 and 2010. In fact, thin clients offer such a broad range of security benefits that organisations both large and small are deploying them specifically for their security advantages.
The security that thin clients deliver is evident in a number of key areas:
- Data storage - thin clients have no hard disk drive so cannot hold valuable data that may be stolen;
- Viruses - thin clients are largely immune to infection because they are XP embedded and have a Hyper Write Filter which prevents any malicious applications to install locally on the client. If infected, the 'locked down' mechanism means that a simple reboot removes any malware;
- Theft - thin clients have a lower risk of being stolen because data is stored in a data centre and the device is no longer usable and therefore of little or no value once disconnected from the network;
- Remote access - thin clients provide a secure environment for remote working because users access data over an encrypted network;
- Email and internet usage - two of the most common applications targeted by malware, however Microsoft Internet Explorer and Microsoft Outlook are more secure when sever-based;
- Data backup and restore - there is no need for either of these processes as all data is stored on a server and is managed as part of the overall enterprise backup process;
- Configuration - thin clients can be 'locked down' more effectively than PCs and they don't allow for non-standard configuration on the desktop - a common source of security breaches.
Improved security aside, in many environments thin clients offer numerous other advantages over PCs. IT management is far easier and more efficient, and cost of ownership for both desktop and overall IT infrastructure is significantly lower. One person could feasibly manage 10,000 devices in different locations without even leaving the office.
Thin clients are also highly reliable, with a far lower mean time between failure than PCs since there are no moving parts. By leveraging the back-end server environment, thin client computing, in addition, offers superior availability and scalability, along with faster performance.
Another increasingly important aspect of IT management is regulatory compliance. A large number of government regulations and industry directives include provisions for the management and protection of corporate data. By centralising and enabling tighter control over information assets, thin client computing can improve a company's compliance profile.
The ecological footprint of thin clients is also far smaller than that of traditional PCs because not only do they use less power, they emit less heat because they do not contain disk drives or graphics cards. Thin clients can also be good for your budgets as well as the environment - total cost of ownership analysis has shown time and again that thin clients are roughly a third of the cost of business PCs, including the costs of acquisition, management and maintenance.
While server-based computing with thin clients may not be suited to every business, it can certainly take a lot of the pain out of managing and protecting data assets. With the cost of lost and stolen data rising all the time businesses need to take whatever steps they can to minimise their exposure, and thin clients provide another valuable tool in any organisation's armoury against data loss.
