ISO Position Paper
Position Title: Thick Client Access to Internal Databases
Position Audience: Princeton IT Professionals
Contact: Information Security Office: InfoSec@princeton.edu
Position Release Date: August 1, 2018
With some legacy systems, thick client access was necessary for non-admin users to access
internal databases at the University. For most, if not all, this also required firewall rules to be
put in place causing overhead, complexity, and access security concerns.
Many of the necessities for thick client access have been eliminated and is the reason for this
If there are options to provide access to internal databases without the use of a thick client,
those options should be used.
With each upgrade that OIT performs, if there are legacy thick client connections they should be
migrated to current standards of access, including web applications, terminal servers, or bastion
hosts, and associated firewall rules be identified and removed.
Any questions or requests for a security review for exemption can be addressed by the
Information Security Office.
Data classification: Public