Workstation Alternatives
Windows or *nix based workstations are commonplace for many asset owners. The workstations are typically run on a standard PC using a hard drive to store the operating system and applications. This environment works well with one exception: new data can be stored on the system. On a corporate network, local data storage is typically preferred, but this is not necessarily so on a control network, where uptime is critical and HMIs can become infected. There are other options which may be preferable, at least as a recovery option.
A terminal server and thin clients are a good way to provide a specific operating environment to the clients. As the thin client boots, it connects to the terminal server and loads the operating environment from the server. When using thin clients, all processing is done on the server. This provides a consistent environment for all workstations and a central point for administration. The downside to a terminal server is that it can be a single point of failure, so a backup server would be useful. Another possible downside is response time: because all of the processing for all of the thin clients is done on one server, the server can become bogged down if there are too many clients or if one of the clients performs an action that consumes the CPU.
If a terminal server / thin client setup is not ideal for day-to-day operations, another option is a hybrid client or diskless node. These systems are typically regular PCs that have no hard drive and perform a network boot. These systems load the operating system and applications in memory, and all processing is done locally. Any persistent data must be saved somewhere on the network, as the workstation will not retain the data. The systems can also be booted via live CDs or DVDs. While live CD/DVD operating systems are more prominent on Linux, there are Windows-based live CD/DVD options like BartPE. Network boot or live CD/DVD environments can perform just like a standard PC but without some of the risks of locally stored data.
In all of the situations above, the servers become the most important parts of the operating environment and would need to be monitored, patched and protected as best as possible. These options shift the risk from both the workstations and the servers to just the servers. They should reduce your attack surface or at least provide a way to quickly recover. The network boot and live CD/DVD options could be very useful for disaster recovery by allowing some systems to be brought back up in minutes while other systems undergo maintenance.
Author: Charles Perine
Posted: November 18th, 2009 under Big Picture, SCADA Architecture.