Think thin

Hans-Juergen Neumaier had finally had enough. Last November, the CIO of Sparkasse Haslach-Zell, a small savings bank in the heart of Germany’s Black Forest, pulled the Windows NT desktops off employees’ desks and replaced them with Sun Ray thin clients.

“We were so tired and angry about the constant need to patch PCs and update our antivirus software,” Neumaier says. “With all these huge virus and hacker attacks, ... we needed to do banking in a more secure way.”

Using smartcards, the bank’s consultants can log on to any workstation and access Microsoft Office and line-of-business applications stored on Sparkasse’s Linux-based terminal server. The Sun Rays use an ICA (Independent Computing Architecture) client to access the terminal. A Citrix Metaframe session captures commands and keystrokes from users, and sends back images from each app as the screen changes. With no local storage or operating system, the ultrathin Sun Rays can’t be misconfigured or infected with malware.

Alhough only one out of five Sparkasse employees currently uses a thin client, Neumaier’s ultimate goal is to move all of them away from PCs and onto Sun Rays.

“I think we’ve learned our lesson,” Neumaier says. “We’re no longer able to handle PC administration.”

Since they first began to replace “dumb” terminals in the late ’90s, thin clients have always been niche machines in industries like healthcare, banking, education, and city government. Some are “ultrathin” with no OS at all, which exchange data with servers via an ICA or RDP (Remote Desktop Protocol) client. Others are merely “thin,” sporting a firmware-based embedded OS like Windows CE or XP and a browser. A few are even ordinary desktops, stripped of local storage that use custom boot software or a terminal emulator. Although thin clients account for less than 1 percent of today’s desktop machines, they’re growing twice as fast as PCs and may account for 10 percent of all enterprise systems by 2008, according to IDC.

Click for larger view.

“Security issues have gotten absurd when it comes to desktop PCs,” says IDC analyst Bob O’Donnell. “What thin client architecture does is force you into really good IT practices. All you have to do is monitor the servers — you never have to worry about the clients.”

Dumping the Desktop

For Keith Courier, moving to thin clients isn’t just a good idea, it’s the law.

His company, Mosaic, an Omaha nonprofit that manages care for the functionally disabled and housing for independent elders, is switching from Microsoft Windows PCs to thin clients largely to comply with HIPAA (the Health Insurance Portability and Accountability Act), which requires healthcare firms to prevent unauthorized access to electronic medical records.