recommended reading

VA considers dumb computers to save money, tighten security

The Veterans Affairs Department wants to go back to the future and test 20,000 thin clients -- terminals without the internal smarts of PCs -- in six hospitals and 29 clinics.

The technology has existed since the dawn of the Computing Age, connecting an end user to a remote mainframe or server. But information technology departments gradually replaced the stripped-down computers with PCs, which host and run a range of applications.

The shift had its downside, however. Desktop computers in a medical environment are a security risk because anyone can access files to upload or download personal information on a hard drive.

In addition, maintenance and configuration of software boost the total cost of ownership of PCs to more than four times their purchase price, according to a study by research firm Gartner Inc. For a department as large as VA, which has about 325,000 personal computers, those costs can be high.

Citrix, a thin client vendor, estimated the total cost of ownership of a thin client system, which includes software, terminal hardware and backend servers, to be between 35 percent to 52 percent lower than PCs.

But low-cost dumb terminals, which thin clients also are known as, won't go very far in satisfying end users unless they offer the same utility, applications and fast response times as the more familiar PC, said a VA clinician who declined to be identified.

That's why the department plans to test the latest iteration of client-server architecture, desktop virtualization, which replicates all the applications found on a PC in a server cloud that is typically off-site but can be accessed by a terminal.

Aivars Apsite, technology manager for Metro Health, which operates a 206-bed hospital and 12 clinic in Grand Rapids, Mich., said the main advantage of desktop virtualization is it allows clinicians to quickly and easily access applications and records on terminals stored throughout the hospital.

When Metro Health opened its new hospital three years ago, it was equipped with a thin-client system from Wyse Technology that included 1,650 terminals installed in patients' rooms, common clinicians use and mobile wireless systems mounted on carts, Apsite said.

Desktop virtualization allows doctors to move from room to room and from terminal to terminal, "and once they log in [on a new terminal], they can be back where they left off in 10 seconds," he said.

Putting the software on a server rather than desktops makes configuration control much easier and also improves security because users cannot upload or download files, according to Apsite .

Metro Health still operates 1,150 PCs, primarily to access medical imagery, because until now thin clients could not refresh fast enough to present diagnostic-quality imagery, nor could they handle dictation software.

But Metro Health recently finished testing a software protocol called PC over IP, which provides the 45 frames-per-second refresh rate needed to support diagnostic images and is fast enough to handle dictation, Apsite said.

He added VA should use PCoIP and the newest version of VMware, VM4.5, which is optimized to support desktop virtualization.

In addition, federal IT managers should be prepared for clinicians who don't want to give up their PCs and, Apsite suggested officials introduce the technology early to give doctors time to warm up to the new devices. VA should "test, test and test" thin-client installations hospital by hospital to make sure the application suite works, he noted.

Metro Health has hired Cisco Systems to study the total cost of ownership. Terminals cost the company $200 less than PCs, Apsite said.

Dana Loof, executive vice president of worldwide marketing for Pano Logic, said a client-server approach could shave as much as 88 percent off VA's energy costs. Pano Logic sells a service called zero client computing, which includes terminals that cost $489 and require only 3 watts of power.

VA wants interested vendors to submit white papers on current state-of-the-art architectural and planning considerations for thin client computing, desktop virtualization and cloud computing by Oct. 22.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.