Securing remote control is the first step to safely managing changing working patterns

Opinion by Pascal Bergeot

Pascal Bergeot says being able to take remote control of users' PCs is crucial to managing modern and disparate work forces, but can you really be sure how safe you are?

In a recent interview, Andreas Köenig, CEO of Teamviewer, referenced research the company had done, which found that 83.5 percent of the 1,000 office workers they surveyed believed they did not need to go into the office everyday to be productive.

This is proof that the way we work is changing – it's becoming more flexible and more open. IT Admins have long been aware of this shift and have been battling with the complexity of securely managing an increasingly mobile workforce.

One of the key tools in this process is the remote control platform, which allows Admins to take control of a staff member's computer remotely in order to fix issues – Teamviewer is a market leader in this space, alongside the soon to be merged LogMeIn and Citrix GoTo product lines.

While IT departments may see these platforms as being crucial tools in helping them execute their jobs, are they really aware of the vulnerabilities they are exposing their companies to by using them?

A quick Google search reveals that all three of the platforms mentioned above have had major security breaches in the past six months, where millions of accounts have either been compromised or have been at risk of compromise. The key issue here is that companies using these platforms are opening themselves up to an increased threat risk by association. Organisations are putting their faith in these third-party providers to offer a secure service. Unfortunately, as recent news stories show, they can actually be a potential vulnerability point.

If there is any type of service foul up or compromise within any of these providers then that is amplified across their entire customer base. In short, there is one single point of failure for every organisation using that platform.

Furthermore, are companies fully aware of exactly who else they are sharing the platform with?

For an eye-opening insight here, go to Twitter and type in “#teamviewer”. This should come with a warning (NSFW: Not Safe For Work!): you won't find many product references or even complaints there, and it's certainly not something to do in front of your CEO (unless you want to prove a point).

This reveals the darker, seedier side of the Teamviewer customer base. You're entering the world of financial domination, where men hand over control of their computers (including everything from bank account access to email access) to dominatrixes.

Each to their own of course, but the question for companies of any size, but particularly the large, often regulated, enterprise sector, is “Do they really want their IT department using these same services for their ‘secure” IT operations?”  Most would undoubtedly be completely oblivious to the fact that people are using Teamviewer for this type of activity; but if they did know, they would very probably not want that system in play within their organisation.

So what is the answer for companies looking to securely support remote employees? Simply put, it's secure remote access using on-premises solutions. This has two clear benefits:

1)   The company is in complete control of the people using the resources and how they are using them.

2)   The threat risk is dramatically reduced. Companies won't stop themselves from getting breached, but they will remove the risk of getting breached through no fault of their own.

Remote working is not going to go away, in fact it's likely to increase in the coming years. If that is the case, then organisations need to be looking at not just how to manage diverse locations and remote workforces, but how to do it safely and without exposing their organisation to undue risk.

One of the first steps in this process is to get remote IT access under greater and tighter controls. Companies need to carefully evaluate the solutions they choose.

Contributed by Pascal Bergeot, CEO, Goverlan

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events