As broadband becomes ubiquitous, many businesses are looking for ways to grant staff remote access via an internet connection to their office computers. ‘Remote desktop’ services such as LogMeIn and GoToMyPC allow staff to edit files, access software and send emails from anywhere in the world, but is their use compromising workplace security?
Remote desktop software creates a connection between the host computer and the remote computer via the internet. Everything that is viewable on the host is replicated on the remote computer in a series of rapidly refreshed screenshots, and the remote user is able to use the keyboard and mouse as normal.
In order to access a host computer, permission must first be granted ‘at source’. This usually involves installing software on the host and then leaving it connected to the internet. After that, users typically access the host via the service provider’s website using a username and password.
To prevent malicious users from eavesdropping or gaining control of a computer within a network, strong password security is essential. For any organisation choosing to allow the use of such software, it is wise to introduce an acceptable use policy that sets minimum standards for password strength and prohibits users from sharing their access details. In addition, users should be aware that maintaining the security of the remote PC is paramount, as this computer effectively becomes a doorway into the organisation’s network.
However, access via a user account is not the only threat posed by remote desktop software. Firewalls prevent unauthorised actions from taking place via the internet by blocking access through multiple doors known as ‘ports’. For remote desktop services to function, though, the software must be permitted a passageway through certain ports, leaving holes in the firewall and lowering the effective security of the network. In addition, if there are multiple remote access users on a corporate network, this may require multiple ports to be left open, further increasing the chances of an attacker compromising an organisation’s firewall.
For organisations wishing to prevent the use of remote desktop services, there are a number of steps that can be taken. First, the administrative privileges of individual users should be removed so that they do not have sufficient clearance to install such software. Second, the ports that need to be opened in order for the host to transmit to the remote computer should be blocked via the network’s central firewall.
If an employee is suspected of using such software inappropriately, it is wise to call on the professional services of a computer forensic expert who will be able to analyse the data stored on the suspect computers to establish if unauthorised activity has taken place. Further, for any organisations concerned about potential holes in their network security, such experts should also be in a position to test the system for vulnerabilities and advise on how to remedy any problems.