Consider security when using Remote Assistance
Brien M Posey
Published: 24 Apr 2002 12:21 BST
Remote Assistance allows you to share control of an end user's computer via your organisation's network or the Internet. You can view the user's screen, control their keyboard and pointer, and even communicate with the user via a chat feature. Although several security concerns might make you think twice about using this feature.
It all begins with an invitation
The remote assistance process begins when the user who's having the problem generates a Remote Assistance invitation. The invitation is basically a code that authorises the person holding it to remotely control the PC that issued the invitation. After the user generates the invitation, they must send it to the help desk.
The invitation can be sent via e-mail or through an instant message. Invitations can also be dumped to a file, copied to a disk, and snail mailed to the help desk, or the file can be posted to a network directory or Exchange public folder. However, e-mail and instant messages are the customary methods for delivering such an invitation.
An invitation for trouble
Although the flexibility with which a user can transmit an invitation to the help desk makes the invitation a handy tool, there are some very serious security issues that this flexibility produces. For starters, users tend to be impatient. If the help desk takes too long to respond to the user's problem, there's nothing stopping the user from sending the invitation to someone else. For example, most large offices have an office "guru" who thinks he or she knows everything that there is to know about computers, and who manages to convince other employees that he or she can fix the problem. A frustrated employee who hasn't gotten immediate attention from the help desk could very well turn to such a person for help.
A user could also send a remote invitation to a friend who doesn't even work for your organisation. While this friend may be a bona fide computer expert, there's always the possibility that the invitation could be used as a chance to gather information about your organisation's network configuration. (However, you can prevent Remote Assistance from connecting to anyone outside your organisation by simply blocking port 3389 on your firewall.)
Any time a user issues an invitation to someone other than the help desk staff, there's a risk of that person deleting files, spreading viruses, uploading pirated software, or worse. You may now be wondering, "What exactly can someone gain access to through Remote Assistance invitations?"
Previous
Did you find this article useful?
136 out of 219 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
