Network Security Basic Training Series: Remote Access
In the last article of the Network Security Basic Training Series, we covered how patching is important and necessary to the security of your business.
In our latest installment we talk about the Perils of Using Remote Access Software.
While software that can be installed on your PC and used to remotely connect when you are away from your home office can be very handy, it also comes with risks that may not be apparent at first.
Various products exist to allow you to access your computers remotely, including TeamViewer, GoToMyPC, AAA PC Remote Control Software and several others. If not setup properly and securely, many of these products can leave your PC open to external hackers or malware that could potentially get into your PC without your knowledge— and possibly steal your data or do damage to your system.
One of the main issues with any product like this is that many use a password to protect the remote capabilities, and some users choose to re-use passwords that they use for other systems including bank accounts, social media accounts, etc.
Most recently – there is a great deal of press about the issues over at TeamViewer. According to a recent CSO Magazine article:
“Several TeamViewer users have reported unauthorized access over the last few days, leading some to suspect that the remote connection company has been hacked. The unauthorized access reports started showing up on Reddit around the same time that the company suffered possible DNS issues that triggered an outage lasting for several hours.”
A response from TeamViewer stated:
“TeamViewer experienced a service outage on Wednesday, June 1, 2016. The outage was caused by a denial-of-service attack (DoS) aimed at the TeamViewer DNS-Server infrastructure. TeamViewer immediately responded to fix the issue to bring all services back up.”
What is not completely known yet is how this reported DNS outage for TeamViewer may have affected the users of the product (if at all), and if this incident is related at all to the reports from users having their information and accounts compromised.
TeamViewer had a very similar issue to the most recent incident that occurred to GoToMyPC who has been the target of a password attack. This only shows how important passwords should be.
Passwords for such applications should be strong, unique and not used elsewhere.
If you use any remote access software on your computer, you should immediately check the security of how it is setup. First and foremost, if you no longer need to use the remote access software, then remove it.
If you are unsure if it has been setup securely or not – then remove it you can consult with someone that can help you get it setup securely.
If you have to continue to use the remote access features, then you should be sure that any passwords you may be using are unique and very strong and that you are not using the same password for any other systems or accounts.
If your company uses remote access software for vendors or employees, it should be secured and very restricted to only those users that absolutely need to use this method of connection. Remote capabilities should be reviewed at least annually to ensure that orphaned accounts do not remain.
Another thing that you can do to protect other users at your company and your corporate data is to ensure that you have a good managed firewall in place and that activity through your network is monitored for unusual activity. The last thing you need is to have a hacker or rogue employee with remote access to your network and private data without that activity being detected.
Incidents like this should hopefully be shut down before any damage can be done.
Managed network security firms such as Netsurion can secure your company network and ensure that things like remote access software are not even allowed through the firewall and, therefore, not able to be used as an access point into your computer and your company’s sensitive data.
They can also monitor other activity that is allowed in and out of your network to ensure that no suspicious issues are seen and not responded to.
The bottom line is this – if you don’t need to have remote access software on your computer, then take it off and don’t use it. If you do have to use it – be sure that it is set up securely and that the activity for that program is somehow logged and monitored.
Subscribe to Lumifi's Daily Cybersecurity News Curated by a CISO
We’ve expanded our MDR capabilities with enhanced incident response and security services to better protect against evolving cyber threats.